An Audiostation Certificate Auddity

Currently reading
An Audiostation Certificate Auddity

335
131
NAS
DS212J, DS214play, DS216, DS216play, DS414, DS918+, RS816
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. Windows
Mobile operating system
  1. iOS
Posting in hopes of saving someone else the grief I just went through.

I wanted to get Audiostation to work with Amazon Alexa. (I'm in the US, where this is supposed to work; I understand that in some other parts of the world it doesn't, by design, though I'm not sure why...anyway, I digress...)

To use Alexa with Audiostation, you must first, in Audiostation/Settings/Advanced, turn on "Enable Amazon Alexa Service," and enter an https - enabled hostname by which Alexa will connect with Audiostation. It can't be a hostname with a self-signed certificate; it must be "valid and trusted." A Let's Encrypt certificate counts as "valid and trusted."

So I tried this, and typed my hostname, for which I had a Let's Encrypt cert installed, into the window, and got the message that this was NOT a hostname with a valid and trusted certificate! What? Of COURSE it is! I tried a bunch of times, and no dice. Here's where I can save you some time: I had imported the Let's Encrypt Certificate into the Synology using only the private key file and the certificate file, but not the intermediate certificate, because for some time now, Synology has allowed you to do this...and the certificate works fine in every other context. (And, in fact, the Synology RT2600 certificate facility doesn't let you put in an intermediate certificate even if you want to! There's no spot for it!)

Reimporting the certificate with the (intermediate) ca.cer file solved everything. From the perspective of everything but Audiostation, as far as I can tell, the certs work just fine without the ca.cer... but for Audiostation to work with Alexa, for some reason, you need it.

Let me know if I'm stupid, and that this should have been obvious; to me it seems like quirky behavior, at best.
 

Rusty

Moderator
NAS Support
2,826
864
www.blackvoid.club
NAS
DS412+, DS718+, DS918+, 2x RS3614RPxs+ with expansions
Router
  1. RT1900ac
  2. RT2600ac
  3. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
Started to write a comment mid-way reading to suggest using privkey + fullchain and see if that will fix. I have had some services that on ios version of the app that uses the service hosted on the NAS would throw an error if not using the full chain.

Ofc it makes sense of the whole path needs to a valid one as Alexa expects it. Glad you got it going.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Trending threads

Top