How to install an SSL certificate on Synology NAS

  SSL Installation instructions

Installing the Certificate

Important note: In this guide, we’ll use as an example name. When you complete CSR code generation and SSL activation, and download the corresponding certificate files to your account, they will be named after your own website.

Step 1: Security Panel

Log in to your Synology NAS. Choose Security from the Control Panel menu.

Step 2: Add New Certificate

In the Security tab, select the Add option from the drop-down menu.

Check the Add a new certificate option and click Next.

Please note: You can use the Replace an existing certificate option if you need to reinstall a reissued or renewal SSL, or import a new one. In this case, choose the Certificate you’d like to replace and click Next   

Step 3: Apply the SSL Files

On the following screen, mark the Import certificate checkbox and click Next.

Next, use the Browse buttons to upload the corresponding Private key (.key), Certificate (.crt) and Intermediate certificate (.ca-bundle) files from your PC. Once done, hit OK.

That’s it! Your website is now secure and accessible via https://.

You’ll see the SSL is listed in the Certificate tab of the Control Panel:

Secure services

You can link the installed certificate to the services available in the Configure menu. Follow the example in the image below:

Once done, the changes will be reflected in Certificate tab as well:

Setting up HTTPS

Today, Google requires all websites to be https:// by default. You can set up an automated redirect from http:// to https:// for your website via your Synology NAS Control Panel by doing the following:

In the main Control panel menu, select the Network tab and then the DSM Settings tab.

Mark Automatically redirect HTTP connections to HTTPS and click Apply. That’s it, you’re all set now!

This online checker will help you to verify the SSL installation. Ensure you specify the correct HTTPS Port – 5001 by default. Alternatively, just visit your website in your browser (via http:// if the redirect has been enabled; via https:// if it’s not the default version of your website).