Synology DiskStation Manager (DSM) 7.1 offers a robust and feature-rich operating system for Synology NAS devices. One of the essential security measures is configuring the Web GUI to use HTTPS. HTTPS ensures that all communications between the user and the NAS are encrypted, providing protection against cyber threats such as eavesdropping and man-in-the-middle attacks. This guide will walk you through the step-by-step process of enabling HTTPS on DSM 7.1.
Prerequisites
Before proceeding with the setup, ensure you have:
- A Synology NAS running DSM 7.1
- Admin access to the DSM Web GUI
- A valid SSL certificate (self-signed or from a certificate authority)
- Access to router settings (if port forwarding is required)
Step 1: Accessing DSM Web GUI
Open your web browser and enter your NAS’s IP address or hostname:
http://<your-nas-ip>:5000
Log in with an administrator account.
Step 2: Enabling HTTPS in DSM
To configure HTTPS for secure access:
- Navigate to Control Panel > Network > DSM Settings.
- Check the box labeled Automatically redirect HTTP connections to HTTPS.
- Ensure that HTTPS port is set correctly (default is 5001).
- Click Apply to save changes.
Step 3: Obtaining an SSL Certificate
To secure HTTPS, you need an SSL certificate. You have two main options:
Option 1: Using a Self-Signed Certificate
- Go to Control Panel > Security > Certificate.
- Click Add > Create a new certificate.
- Select Create a self-signed certificate and click Next.
- Fill in the required details such as domain name and location.
- Click Apply to generate and install the certificate.
Option 2: Obtaining a Certificate from a Trusted Authority
- In Control Panel > Security > Certificate, click Add > Get a certificate from Let’s Encrypt.
- Enter your domain name (must be publicly accessible).
- Provide an email address for renewal notifications.
- Click Apply to request and install the certificate.
Step 4: Assigning SSL Certificate to DSM
- In Control Panel > Security > Certificate, locate the installed certificate.
- Click Configure and assign the certificate to DSM services.
- Click OK and Apply to confirm.
Step 5: Adjusting Firewall and Router Settings
To ensure external access over HTTPS:
- In Control Panel > Security > Firewall, allow HTTPS traffic (port 5001 by default).
- If accessing DSM remotely, configure port forwarding on your router:
- Log into your router.
- Forward port 5001 to your NAS’s internal IP.
If you’re looking for more tools and software to enhance your system security or explore more software downloads, Get Into My PC offers a wide range of resources and applications tailored for your needs. Get Into My PC is a trusted software download site where you can find a variety of tools to optimize your NAS and overall system performance.
Step 6: Testing HTTPS Access
Open a new browser window and enter:
Verify that the browser does not show any security warnings. Check the SSL certificate details to confirm correct installation.
Troubleshooting
- SSL Certificate Not Trusted: Ensure the certificate is valid and installed correctly.
- Cannot Access DSM Over HTTPS: Check firewall settings and ensure HTTPS redirection is enabled.
- Let’s Encrypt Certificate Fails: Verify that your domain name is publicly accessible and that port 80 is open.
Conclusion
Enabling HTTPS on DSM 7.1 enhances security and protects sensitive data. By following this guide, you can secure your Synology NAS and ensure encrypted connections for web-based access. Regularly update and renew SSL certificates to maintain security best practices.