R2600- Change HTTP to HTTPS

Currently reading
R2600- Change HTTP to HTTPS

31
9
NAS
DS215J
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. Windows
Mobile operating system
  1. Android
I've recently changed from "Non-Secure HTTP" to "Secure HTTPS" for my 215J. This was not a easy task as I had attempted to perform this numerous times prior with the result being locked out. After following all the instructions, and being pleasantly surprised that the software "Automatically" opened Ports on the 2600 I was still unable to gain access over HTTPS. It took several help tickets to Synology and them gaining remote access till they discovered that the "Automatic" Port opening in fact failed to open 5000 & 5001..... Once that was accomplished, the NAS was now secure. But that left the 2600 Router... surely that would be easy, but no. I have been unable to find any documents from Synology on how to enact HTTPS on it. I was able to IMPORT the Certificate correctly I believe and turned on HTTP Traffic directed to HTTPS, but that Locked me out and had to turn that off.
Does anyone know the step x step procedure to turn on HTTPS on the 2600?
 

fredbert

Moderator
NAS Support
Subscriber
2,330
954
NAS
DS1520+, DS218+, DS215j
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
Erm, HTTPS for the SRM web interface should already be enabled. When the router went through initial setup it will have created a self-signed SSL certificate and it uses this to secure all services. Have you tried...?

https://my_srm_router:8001

You web browser may complain because the certificate isn't signed but once you've told it trust it for this URL then it should work.
 
31
9
NAS
DS215J
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. Windows
Mobile operating system
  1. Android
Last edited:
I believe I did.... And it should all be working, but it still shows as unsecure, but as I mentioned Re-Directing HTTP to HTTPS locks me out. And your "8001 also failed for me. And I did try going in through HTTPS and that too is refusing entry. This issue may fall into the same category as the DSM where it should have opened Ports but failed. We'll see what the Help Desk comes up with as I've just created a Ticket as this should be a simple process....

Thanks though for your suggestions...
-- post merged: --

Here's the answer from Synology (responded in less than 3 hours)... Hopefully this might help anyone who has the same question.

The reason why your connection to your router is "Not secure" is because you're connecting via an IP address, and a local IP address at that.
You can connect via HTTP or HTTPS with an IP address, but it will never be "secure".
But what is most important to take away from all of this is that this does not matter what so ever. So my advise to you would be to just leave everything how it is.

A "not secure" connection means that you traffic is not hidden from others on the same network as you. You're connecting locally from a private network already, so already you're protected. The only "threat" would be from people that are also on your local home network, so there really isn't any threat.
If you wanted to get a "secure" connection to your router, you can, but doing so would leave you less secure. Because to have a "secure" connection would require you to make your router accessible over the internet.
Having a "not secure" local connection is far more secure then a "secure" connection accessible over the internet because being accessible over the internet opens you up to much more potentially unwanted connectivity.
If you do want your router accessible over the internet, then yes you would want a secure connection for this and you can get this. Do do this you will need a DDNS. You can get a free one with Synology:
First you will need to Allow external access to SRM

Then add a DDNS

Make sure you select the option to Request a certificate from Let's Encrypt

Then every time you connect you will have to connect with https://hostname.synology.me (or whatever hostname/provider you chose).
 

Shadow

Subscriber
672
234
NAS
DS216+II, DS118, DS718+
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. Windows
Mobile operating system
  1. Android
Isn't it just this checkbox what you needed...?

1616098528735.png
 
31
9
NAS
DS215J
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. Windows
Mobile operating system
  1. Android
No unfortunately.... and the instructions still need some tuning as I'm currently awaiting some clarification as its not accepting the same certificate I already have for the NAS....

The saga continues.....
 

fredbert

Moderator
NAS Support
Subscriber
2,330
954
NAS
DS1520+, DS218+, DS215j
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
Are you sure it’s not your web browser blocking the connection because you use a self-signed SSL certificate.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Trending threads

Top