Synology SSL Administration

Download PDF

Introduction

 

A Certificate Signing Request (CSR) is required when ordering an SSL-certificate, this is generated from a private key.

 

If you wish to create the private key yourself you will also have to generate the CSR, follow Generating a CSR followed by Installation of SSL certificate

 

If you wish to use our CSR-service follow Installation of SSL certificate

 

Generating a CSR

 

  1. Open the Synology control panel.

Click Security on the left.

Click Certificate at the top

Click CSR

 

 

  1. Select Create certificate signing request (CSR)

Click Next

 

 

  1. Fill out the following information:

 

    • Private key length: Select 2048
    • Common Name: The primary fully qualified domain name. e.g.: www.fairssl.dk
    • Email: Leave blank
    • Country: ISO-standard two-letter country code, must be capitalised. e.g.: DK
    • State/Province: State or municipality, in Denmark the municipality is used. e.g.: Norddjurs
    • City: City name. e.g.: Ørum Djurs
    • Organization: The full company name, exactly as presented in CVR. e.g.: FairSSL A/S (is only required for OV and EV certificates)
    • Department: The department that is to use the certificate. It may not be possible to conflate the name with another company. IT is recommended to leave it empty or use the company name. e.g.: FairSSL A/S (is not used any more and should be left empty)

 

Klik Next

 

 

  1. Click Download

You will get a file named archive.zip containing server.csr and server.key

Unzip the file and rename the files after your website, e.g. server.key as www.fairssl.dk.key and server.csr as www.fairssl.dk.csr

 

  1. Open the CSR file with a text editor, and copy the entire text, incl. all the dashes at the beginning and end.

Insert the copied text in the CSR field during the certificate ordering.

The following is an example of a complete CSR text:

 

 

A CSR does not contain any private information, and there are no security risks by sending the CSR to us through an unencrypted email.

 

Installation of SSL certificate

 

  1. Open a text editor and copy the entire text of your SSL certificate from the mail into the file, incl. all the dashes, and save the file named after your website e.g. www.fairssl.dk.pem

Open a text editor and copy the entire text from the intermediate certificate from the mail into the file, incl. all the dashes, and save the file as intermediate.pem

 

  1. Open the Synology control panel.

Click Security on the left.

Click Certificate at the top

Click Add

 

 

  1. Select Add a new certificate

Click Next

 

 

  1. Select Import certificate

Click Next

 

 

  1. Click Browse for each of the following and locate the file that fits it

 

    • Private key: The private key you got together with your CSR (www.fairssl.dk.key)
    • Certificate: The certificate file (www.fairssl.dk.pem)
    • Intermediate certificate: The intermediate certificate file (intermediate.pem)

 

Click OK

 

 

  1. Remember to set the Synology to automatically redirect HTTP connections to HTTPS

Click Netværk to the left

Click DSM Settings at the top

Flag Automatically redirect HTTP connections to HTTPS

 

 

We recommend that you test the installation with our server tester at https://www.fairssl.net/en/ssltest