SSL Certificate for custom domain

Currently reading
SSL Certificate for custom domain

121
13
NAS
DS1821+
Operating system
  1. Windows
Mobile operating system
  1. Android
Hello there guys :)
I have issued certificate for myname.synology.me and ie when O am running webstation and put the above domain and connection is safe.

I have a custom domain customdomain.com that I redirected to myname.synology.me.
When the redirection indirect the URL changes to myname.synology.me but when I choose from the domain provider to use masking while redirected, the site becomes unsafe...

Is there any way to have https when I redirect with masking?
Tried some procedures with reverse proxy but I couldn't issue the certificates I wanted.
Anyone have a guidline how I could do it please??

Thank a lot
 
When the redirection indirect the URL changes to myname.synology.me but when I choose from the domain provider to use masking while redirected, the site becomes unsafe...
So if domain.tld gets redirected (as in 30x location moved) to myname.synology.me, thus replaced in the url you see in the browser, then only the https certificate for myname.synology.me should be relevant. I assume with "masking", you mean using a redirect like "http//anon.to/?https://myname.synology.me?

Can you provide an example?
 
My domain provider has an redirect option for my domain, in two ways. With or without masking. By masking I mean the url remains the same (mydomain.com) and without masking, if I type mydomain.com it changes to mydomain.synology.me
Only when I choose without masking I get SSL certificate ok. If I go through masking, I get SSL error... No
 
It could be implemented in multiple ways:
  • domain provider acts as reverse proxy and terminates the https security context, before establishing a new https security context to the service on the target host.
    • If the provider overrides the host header with mydomain.com, the service on the target host requires a valid certificate for mydomain.com.
    • if the provider leaves the host header as myhost.synology.me, the service on the target host requires a valid certificate for mydomain.sysnology.me. So if this would be the case, it would already be working.
  • domain provider does tls pass-through and directly sends traffic to the target host, so the https security context is terminated at the target host.
    • In this scenario the service on the target host needs a valid certificate for mydomain.com.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

Tremendous stuff thank you fredbert.
Replies
4
Views
1,816
  • Question
Question ssl certificate
in /var/log/messages you will find more details for sure and there issues like this are stated. Still, I...
Replies
17
Views
3,325
This is a simple and yet effective solution for my lan (photo station, dsm administration). Thanks.
Replies
16
Views
31,462
OK. This is a remote location that I’m barely at. I’ll try that next time I’m there.
Replies
21
Views
24,975
Well said @fredbert. That's why I argued above that the author's logic can apply to many things in life...
Replies
10
Views
3,128
Ok, that is reassuring. I didn't know if it was required should the NAS need to be reset at a future...
Replies
2
Views
3,377
  • Question
I want to thank everyone for their replies. I've learned quite a bit. Ultimately, the client pivoted and...
Replies
6
Views
2,731

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Trending threads

Back
Top