Install a Let’s Encrypt SSL certificate on a Synology NAS
The benefits of Let’s Encrypt certificates are that they are automated, short lifetimes (90 days) and that they are completely FREE!.
Below is a quick guide on how to install Let’s Encrypt SSL on a Synology NAS!
Create and maintain a Let’s Encrypt certificate on a Synology NAS.
Uses lego and the ACME DNS-01 challenge for any of the supported DNS Providers.
Install & Update Script
To install or update synology-letsencrypt, run the install script. To do that, either download and run the script manually, or use the following cURL command:
curl -sSL https://raw.githubusercontent.com/JessThrysoee/synology-letsencrypt/master/install.sh | bash
Configuration
Update /usr/local/etc/synology-letsencrypt/env
with domain(s), email, and DNS API-key:
DOMAINS=(--domains "example.com" --domains "*.example.com") EMAIL="[email protected]" # Specify DNS Provider (this example is from https://go-acme.github.io/lego/dns/simply/) DNS_PROVIDER="simply" export SIMPLY_ACCOUNT_NAME=XXXXXXX export SIMPLY_API_KEY=XXXXXXXXXX export SIMPLY_PROPAGATION_TIMEOUT=1800 export SIMPLY_POLLING_INTERVAL=30
Now you should be able to run /usr/local/bin/synology-letsencrypt.sh
.
To schedule a daily task, log into the Synology DSM and add a user-defined script:
Synology DSM -> Control Panel -> Task Scheduler
Create -> Scheduled Task -> User-defined script
General -> User = root
Task Settings -> User-defined script = /usr/local/bin/synology-letsencrypt.sh
Uninstall
To uninstall synology-letsencrypt, run the uninstall script. To do that, either download and run the script manually, or use the following cURL command:
curl -sSL https://raw.githubusercontent.com/JessThrysoee/synology-letsencrypt/master/uninstall.sh | bash