Install Synology CA Certificate into Linux OS

Install Synology CA Certificate into Linux OS

To trust Synology self generated CA in Linux OS, following steps can be used.

Export Synology CA Certificates from NAS

  • Launch Control Panel => Security
  • Click on Certificate tab
  • Click on Add button
  • Select the certificate named as synology
  • Select Explore certificate, then Next

There will be 4 files in the downloaded ZIP file


Copy the Synology CA certificate

Copy file syno-ca-cert.pem to server folder and rename it to .crt

cp syno-ca-cert.pem /usr/local/share/ca-certificates/syno-ca-cert.crt

Note: the certificate file name must be .crt

Restart service

For any services used certificate generated by Synology CA certificate, restart the service

systemctl restart <service>

Test CA

Use openssl command

Run following commands

openssl s_client -connect server_address:443 -CAfile /usr/local/share/ca-certificates/syno-ca-cert.crt
openssl s_client -connect server_address:443 -CApath /etc/ssl/certs

Should return 0 (ok)

Verify return code: 0 (ok)

Use curl command

curl --verbose <URL> --cacert /usr/local/share/ca-certificates/syno-ca-cert.crt
curl --verbose <URL>


Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes:

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

The reCAPTCHA verification period has expired. Please reload the page.