From 0d004eaf04fdf4e9e866e6aff7e68faa6b1653ea Mon Sep 17 00:00:00 2001 From: m-boone Date: Wed, 10 Oct 2018 16:51:51 +0200 Subject: [PATCH] After installing the certificate to the _archive/ folder and the reloading of nginx the certificate will not be used for system default yet as it is not copied to the /system/default folder yet. This workaround will copy it and change the DEFAULT and INFO files, this can maybe also be done by Bash but I do not know the commands. --- Synology-NAS-Guide.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Synology-NAS-Guide.md b/Synology-NAS-Guide.md index 24c31eb..6463fcb 100644 --- a/Synology-NAS-Guide.md +++ b/Synology-NAS-Guide.md @@ -57,8 +57,8 @@ Please note that this will replace your Synology NAS system default certificate --reloadcmd "/usr/syno/sbin/synoservicectl --reload nginx" \ --dnssleep 20 -Now you can check the DSM control panel - Security - Certificates to see the nominated certificate has been replaced by letsencrypt one. You can now configure to use this one as default and assign to specific services, like vpn, sftp, etc. - +Now you can check the DSM control panel - Security - Certificates to see the nominated certificate has been replaced by letsencrypt one. You can now configure to use this one as default and assign to specific services, like vpn, sftp, etc. +If you see the Lets Encrypt certificate but it's not being used by DMS yet you will have to create a temporary self signed certificate, assign the "system default" service to it and after the webserver has restarted assign the "system default" back to the Lets Encrypt certificate. After the webservice has restarted DSM will be using the lets encrypt certificate. ## Configuring Certificate Renewal To auto renew the certificates in the future, you need to configure the cronjob. However, acme.sh seems not properly add tasks to Synology crontab. You have to do this manually.