tested on DSM 7.0
2022, Laurent Ghigonis [email protected]
$ synoadm
usage: ./synoadm <synology_ip> <action>
actions
push_ssl_cert <domain.fullchain.pem> <domain.key>
set_htaccess <htpasswd_file> <message>
environment variables
SSH=sshIf you are using synoadm set_htaccess, before upgrading your Synology device you have to disable the htaccess and re-enable it afterwards.
Disabling htaccess can be done before or after reboot with the following command:
mv /etc/nginx/conf.d/alias.htaccess.conf /root
/usr/syno/bin/synosystemctl reload nginx
After you first log-in and check everything is running fine, re-enable htaccess:
mv /root/alias.htaccess.conf /etc/nginx/conf.d/
/usr/syno/bin/synosystemctl reload nginx
synoadm push_ssl_cert will set custom SSL certificates for the web interface managed by nginx. It has not been tested with other Synology services.
laptop $ synoadm 192.168.1.5 push_ssl_cert /tmp/domain.fullchain.pem /tmp/domain.key
$ openssl x509 -in /tmp/domain.fullchain.pem -text
$ openssl rsa -in /tmp/domain.key -text
writing RSA key
$ ssh [email protected] uname -ap
$ ssh [email protected] cat > /usr/syno/etc/certificate/_archive/yoUheE/fullchain.pem
$ ssh [email protected] cat > /usr/syno/etc/certificate/_archive/yoUheE/privkey.pem
$ ssh [email protected] chmod 600 /usr/syno/etc/certificate/_archive/yoUheE/privkey.pem
$ ssh [email protected] /usr/syno/bin/synosystemctl restart nginx
[nginx] restarted.
[*] done, 192.168.1.5 now uses new SSL certificates- Get ssh access to your device
see https://kb.synology.com/en-id/DSM/tutorial/How_to_login_to_DSM_with_root_permission_via_SSH_Telnet
- Allow 'root' user to log-in
put your public key in /root/.ssh/authorized_keys
$ sudo make installSynology NAS file management from command-line