I am connecting to my DS main login screen through https via static IP (ie remotely).
It was bugging me having to click the "certificate not trusted" warnings because the standard synology certificate is not SSL/HTTPS (I think?)
So I looked into an LE SSL certificate. Took me ages but I got there in the end.
But now I have three questions:
1. If I am connecting to DSM via HTTPS but the connection/certificate is "not trusted" - traffic is still encrypted and so this warning is essentially an annoyance/cosmetic right? The certificate warning is more to do with sites you don't control rather than guaranteeing the encryption is in place...?
2. If I change the default certificate to the LE one, I still get a "not trusted" warning when trying to remote connect to DSM. I thought the whole point of the LE cert was to get rid of this? Have I done something wrong?
3. If I change the cert for everything in Security-Certificate-Settings from synology to LE, is this the "right" thing to do? Or will it screw things up?
Really all I want to be able to do is connect via SSL without warnings. Happy to pay for a cert if that's a viable route. THanks
It was bugging me having to click the "certificate not trusted" warnings because the standard synology certificate is not SSL/HTTPS (I think?)
So I looked into an LE SSL certificate. Took me ages but I got there in the end.
But now I have three questions:
1. If I am connecting to DSM via HTTPS but the connection/certificate is "not trusted" - traffic is still encrypted and so this warning is essentially an annoyance/cosmetic right? The certificate warning is more to do with sites you don't control rather than guaranteeing the encryption is in place...?
2. If I change the default certificate to the LE one, I still get a "not trusted" warning when trying to remote connect to DSM. I thought the whole point of the LE cert was to get rid of this? Have I done something wrong?
3. If I change the cert for everything in Security-Certificate-Settings from synology to LE, is this the "right" thing to do? Or will it screw things up?
Really all I want to be able to do is connect via SSL without warnings. Happy to pay for a cert if that's a viable route. THanks