A while ago I wrote an guide on how to install a SSL from Namecheap onto your Synology. Soon after Let’s Encrypt support was added to Synology, I started getting requests for a guide.
The benefits of Let’s Encrypt certificates are that they are automated, short lifetimes (90 days) and that they are completely FREE!
Below is a quick guide on how to install Let’s Encrypt SSL on a Synology NAS!
Sure ad blockers have been around for a long while now, but those are typically only available for your web browsers and not ever device allows you to install them such as cell phones, media players, smart TV’s, etc. I came across a neat project that allows you to block web ads on every device in your network, called Pi-Hole.
In a nutshell Pi-Hole was developed to run on a Raspberry Pi, but will run on most any Debian based distro, and will act as a DNS server to which you point your devices or router to use as the DNS server so that all requests are filtered through Pi-Hole. Pi-Hole then blocks 100’s of thousands ad domains. All without having to use a single browser extension and for FREE!
I’ve been using the default setup on my Synology DS412+ with HTTPS enabled for a while now but knew it really wasn’t all that secure without a proper SSL certificate and creating a self-signed certificated isn’t all the much better and can be easily forged. I decided it was about time I used a “real” certificate to better secure the NAS.
Prerequisites before starting
- You need to own a domain name, for example MikeTabor.com and be able to receive email from the domain name.
If you don’t already have a webhost for the domain, I’d suggest BlueHost.Note: Bluehost also makes it easy to Start your own blog!
- You also need a DDNS service setup. In this case and for my use, I simply use the Synology DDNS service they offer for free.
- With those two setup, you will also want to add a CNAME DNS forward from your domain (or subdomain if you wish to go that route) to your DDNS service.
- Finally you’ll want to make sure Port Forwarding has been configured on your router.