Day: November 9, 2021

Add self-signed certificate for TrueNAS

Posted on by Bian Xi Leave a Comment on Add self-signed certificate for TrueNAS

Add self-signed certificate for TrueNAS

To use self-signed certificate in TrueNAS, following steps are required.

Add Certificate into TrueNAS

  • Select Credentials -> Certificates
  • In Certificates section, click on Add button
  • In Add Certificate window, give a name, and select Import Certificate
  • In Extra Constraints section, cut and paste the contents of cert file and key file into Certificate and Private Key textboxes

Configure GUI certificate

  • Select System Settings -> General
  • In GUI section, click on Settings button
  • In GUI Settings window, select the certificate to be used in GUI SSL Certificate option
  • Click on Save button

Restart

Restart UI web server, which is done automatically.

Refresh browser, need to click reload botton.

Create certificate in Synology NAS with self signed CA

Posted on by Bian Xi Leave a Comment on Create certificate in Synology NAS with self signed CA

Create certificate in Synology NAS with self signed CA

If the CA certificate is managed by Synology NAS, following steps can be used to create a certificate under that CA.

Create certificate request

  1. Go to Control Panel -> Security -> Certificate
  2. Select CSR
  3. Select Create certificate signing request (CSR)
  4. Then fill up information required
  5. Select Download, the CSR will be downloaded into local machine

The downloaded file contains two files, server.key and server.csr.

Sign certificate

  1. Go to Control Panel -> Security -> Certificate
  2. Select CSR
  3. Select Sign certificate signing request (CSR) and select the root certificate to be used
  4. Use Browse button to select the CSR file in previous step
  5. Select Download, the CSR will be downloaded into local machine. The CSR file should be in archive folder, and named as server.csr
  6. In Subject Alternative Name, put both server full name and short name, or other names if the server is playing multiple roles.
  7. Click on Download, then a file named as server.crt is downloaded locally.

Import generated certificate

There are three files you have,

  • The certificate file, name as server.crt
  • The private file, name as server.key

  • The intermediate certificate file, such as syno-ca-cert.pem or other CA intermediate certificate

    They also can be imported into synology certificate app for certificate management

  1. Go to Control Panel -> Security -> Certificate
  2. Select Add -> Add
  3. Select Add a new certificate
  4. Select Import certificate
  5. Click on Browse button for Private Key to select server.key file
  6. Click on Browse button for Certificate to select server.crt file
  7. Click on Browse button for Intermediate Certificate to select syno-ca-cert.pem file
  8. Click OK button