Control Panel-Security-Certificate

Currently reading
Control Panel-Security-Certificate

21
7
NAS
DS918+
Operating system
  1. Linux
  2. Windows
Mobile operating system
  1. iOS
Just ran the upgrade to 7.0 from 6.2 on a DS918+. While looking around and seeing what's "new" I ran across the following (first image below). Not sure what to do about it. It may have been this way prior to the upgrade. Not certain. Regardless I was hoping for some insight and guidance on what to do about it? Nothing to worry about? I have tried to "Renew certificate" but that just creates a file "archive.zip" with the following two files in it (second image). Not certain what to do with that either. Thanks for looking.
---
1633120677317.png

---
1633120962458.png

---
 
Just ran the upgrade to 7.0 from 6.2 on a DS918+. While looking around and seeing what's "new" I ran across the following (first image below). Not sure what to do about it. It may have been this way prior to the upgrade. Not certain. Regardless I was hoping for some insight and guidance on what to do about it? Nothing to worry about? I have tried to "Renew certificate" but that just creates a file "archive.zip" with the following two files in it (second image). Not certain what to do with that either. Thanks for looking.
---
View attachment 4566
---
View attachment 4567
---
Self-signed certs have been eliminated from dsm. You can try and import one but syno will not work with one crated by DSM and you do not have the option to make a new one.
 
As long you have services that do not use an ssl cert you don’t need it.
A little more confused here since you say there is no need for it in the first sentence but in the next sentence say the opposite if I have services that need it. If the first statement you made is correct and "Self-signed certs have been eliminated from dsm", then why would I have a service that uses a ssl cert? Never really answered the questions I was asking...

"so what should I do with it? Ignore it? Delete it? Does there need to be a default cert any longer?"
 
Self-signed certs are near useless.
Does there need to be a default cert any longer?"
Self-signed certs are next to useless. If you want to fake out your browser, you can find web resources that create a cert with a faked cert authority. Doing that does not add security to your system, but only provides a cosmetic solution to browsers flagging the local LAN IP.
 
Self-signed certs are next to useless
Next to, maybe but not totally. Some client apps will notify when a certificate changes, not renewed, but different. So if you are using a self-signed certificate and have checked that it is correct and connecting as you expect then when the app detects an unexpected change you can investigate without compromising credentials.

Not sure if there's a web browser that would alert in such a manner. Nor how many people would check the initial connection or when alerted.

@MRL_NAS if you access your NAS from the Internet then you can generate Let's Encrypt certificates. You can then make one of them as your default certificate. If you enable Synology DDNS then it will ask if you want it to generate a LE certificate.
 
Thanks @fredbert - that makes sense to me since I have another cert from R3 for the mentioned connection to the NAS from the internet. I am going to leave things as they are. Nothing seems that it is not working properly so if it ain't broke I am not fixing it. Appreciate the other reply's as well. Far from a power user here and frankly after a year still consider myself a newbie here but this forum has been a big help in my education.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

  • Question
Thank you! That works and never saw the option. Thank you.
Replies
2
Views
3,612
  • Question
Just wondering what the general consensus is regarding the move online for access control solutions...
Replies
1
Views
839
Try adding them one-at-a-time, saving, logging out, restarting* your computer, then logging back in until...
Replies
12
Views
1,014
I receive the reports monthly, just actually got them on 2/1 and verified for some reason this is still...
Replies
4
Views
548
It took a while to get iOS Syno Drive Client to reset and ask for my 2FA to log back in. It was set up...
Replies
2
Views
440
  • Question
Unless your home network is CGNAT, Tailscale offers no real advantage over VPN or HTTPS. Keep it simple...
Replies
3
Views
1,180

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Back
Top