Hi all, the problem/topic in question is driving me crazy. I’ve looked all over the internet and although I found lots of tutorials none has worked. You are my last hope.
My case:
- external IP is static
- NAS is accessed only in private LAN, plus remotelly using VPN (no quickconnect, port forwarding etc)
- Asus router AX88U
What I need:
- SSL certificate for Dsm and all services (containers in docker). It’s not just a thing that is annoying (browser warnings), but also some containers (like Vault/Bitwarden) won’t work without it
- a domain name (with an SSL certificate) should point to the Nas/services/containers to both local LAN users and thise connecting through VPN
What I don’t want:
- open up a port on the router to the internet
- since I own a domain already (website hosted on a shared server), I don’t want to create a subdomain and then have it to pount to the local network
- Cloudflare account and stuff related to that process (if possible)
What I did:
- I created a subdomain. nas.example.com
- the cpanel used AutoSSL and generated the certificate for that subdomain
- I exported the certificate and added it to Synology (Security > Certificate). I didn’t put that certificate as default, I left the synology one as default
- under Network > General I turned on the option “Manually configure DNS server” and added 8.8.8.8 as primary and 8.8.4.4 as secondary. So far so good
- then I installed Pi-hole
- I changed the router’s DNS server to be the IP LAN address (static) of the NAS
- in pi-hole I added a DNS record that points my nas.example.com subdomain to the IP LAN address of the NAS.
- when I write in the browser nas.example.com it resolves to 192.168.x.x, so it seems that ip-hole is working but no SSL. It still gives the warning that there is no SSL certificate
I’m sure I’m missing some critical steps here. I’m not an experienced man. Please help.
In addition, if this gets fixed, will I be able then to access every service on the NAS with the SSL just by typing nas.example.com:7777 (example port for sonarr) or I will have to create multiple subdomains and add DNS records in pi-hole for every service/container in docker?
Thanks in advance!
My case:
- external IP is static
- NAS is accessed only in private LAN, plus remotelly using VPN (no quickconnect, port forwarding etc)
- Asus router AX88U
What I need:
- SSL certificate for Dsm and all services (containers in docker). It’s not just a thing that is annoying (browser warnings), but also some containers (like Vault/Bitwarden) won’t work without it
- a domain name (with an SSL certificate) should point to the Nas/services/containers to both local LAN users and thise connecting through VPN
What I don’t want:
- open up a port on the router to the internet
- since I own a domain already (website hosted on a shared server), I don’t want to create a subdomain and then have it to pount to the local network
- Cloudflare account and stuff related to that process (if possible)
What I did:
- I created a subdomain. nas.example.com
- the cpanel used AutoSSL and generated the certificate for that subdomain
- I exported the certificate and added it to Synology (Security > Certificate). I didn’t put that certificate as default, I left the synology one as default
- under Network > General I turned on the option “Manually configure DNS server” and added 8.8.8.8 as primary and 8.8.4.4 as secondary. So far so good
- then I installed Pi-hole
- I changed the router’s DNS server to be the IP LAN address (static) of the NAS
- in pi-hole I added a DNS record that points my nas.example.com subdomain to the IP LAN address of the NAS.
- when I write in the browser nas.example.com it resolves to 192.168.x.x, so it seems that ip-hole is working but no SSL. It still gives the warning that there is no SSL certificate
I’m sure I’m missing some critical steps here. I’m not an experienced man. Please help.
In addition, if this gets fixed, will I be able then to access every service on the NAS with the SSL just by typing nas.example.com:7777 (example port for sonarr) or I will have to create multiple subdomains and add DNS records in pi-hole for every service/container in docker?
Thanks in advance!