{"id":147115,"date":"2024-01-15T05:23:38","date_gmt":"2024-01-15T05:23:38","guid":{"rendered":"https:\/\/mustafa.net\/?p=147115"},"modified":"2024-01-15T05:23:39","modified_gmt":"2024-01-15T05:23:39","slug":"secure-your-nas-with-ssl-using-letsencrypt","status":"publish","type":"post","link":"https:\/\/mustafa.net\/2024\/01\/15\/secure-your-nas-with-ssl-using-letsencrypt\/","title":{"rendered":"Secure your NAS with SSL using LetsEncrypt"},"content":{"rendered":"\n<p><strong>Create a user in Synology DSM.<br><\/strong>Log into your Synology device, click Control Panel, click User &amp; Group, and click Create. I used certadmin as the username and give the user a good description. Make sure the user is a member of the administrators group (this is required for SSH access that we will be using in a moment) and the http group (this is required for the process to authenticate to DSM in the SSH session). <\/p>\n\n\n\n<p>The certadmin user only needs Read\/Write access to the homes folder and you can deny access to all applications. NOTE: some other guides do not specify adding the user to the administrators and http groups, this is required! Once the user has been created go back to the Control Panel home and click Terminal &amp; SNMP. Check Enable SSH service and click apply.<\/p>\n\n\n\n<p>Type the following commands:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>ssh certadmin@YOURHOSTorIPADDRESS\r<\/code><\/pre>\n\n\n\n<p><\/p>\n\n\n\n<p>To create a certificate:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>wget -O \/tmp\/acme.sh.zip https:\/\/github.com\/acmesh-official\/acme.sh\/archive\/master.zip\r\n\r\nsudo 7z x -o\/usr\/local\/share \/tmp\/acme.sh.zip\r\n\r\nsudo mv \/usr\/local\/share\/acme.sh-master\/ \/usr\/local\/share\/acme.sh\r\n\r\nsudo chown -R certadmin \/usr\/local\/share\/acme.sh\/\r\n\r\ncd \/usr\/local\/share\/acme.sh<\/code><\/pre>\n\n\n\n<p><\/p>\n\n\n\n<p>Add this if using cloudflare:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>export CF_Key=\"763eac4f1bcebd8b5c95e9fc50d010b4\"\r\nexport CF_Email=\"alice@example.com\"<\/code><\/pre>\n\n\n\n<p><\/p>\n\n\n\n<p>Add account to ZeroSSL:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>.\/acme.sh --register-account -m my@example.com<\/code><\/pre>\n\n\n\n<p><\/p>\n\n\n\n<p>Now issue the certificate<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>.\/acme.sh --issue --dns dns_cf -d domain.com -d '*.domain.com'<\/code><\/pre>\n\n\n\n<p><\/p>\n\n\n\n<p><a href=\"https:\/\/github.com\/acmesh-official\/acme.sh\/wiki\/Synology-NAS-Guide\">https:\/\/github.com\/acmesh-official\/acme.sh\/wiki\/Synology-NAS-Guide<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Create a user in Synology DSM.Log into your Synology device, click Control Panel, click User &amp; Group, and click Create. I used certadmin as the username and give the user a good description. Make sure the user is a member of the administrators group (this is required for SSH access that we will be using [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":95451,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_bbp_topic_count":0,"_bbp_reply_count":0,"_bbp_total_topic_count":0,"_bbp_total_reply_count":0,"_bbp_voice_count":0,"_bbp_anonymous_reply_count":0,"_bbp_topic_count_hidden":0,"_bbp_reply_count_hidden":0,"_bbp_forum_subforum_count":0,"footnotes":""},"categories":[19009],"tags":[],"_links":{"self":[{"href":"https:\/\/mustafa.net\/wp-json\/wp\/v2\/posts\/147115"}],"collection":[{"href":"https:\/\/mustafa.net\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mustafa.net\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mustafa.net\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mustafa.net\/wp-json\/wp\/v2\/comments?post=147115"}],"version-history":[{"count":1,"href":"https:\/\/mustafa.net\/wp-json\/wp\/v2\/posts\/147115\/revisions"}],"predecessor-version":[{"id":147116,"href":"https:\/\/mustafa.net\/wp-json\/wp\/v2\/posts\/147115\/revisions\/147116"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mustafa.net\/wp-json\/wp\/v2\/media\/95451"}],"wp:attachment":[{"href":"https:\/\/mustafa.net\/wp-json\/wp\/v2\/media?parent=147115"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mustafa.net\/wp-json\/wp\/v2\/categories?post=147115"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mustafa.net\/wp-json\/wp\/v2\/tags?post=147115"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}