Setting up a Cloudflare Origin Cert at a Synology NAS

Hello to the community,

I have been using Clouldfare for a while as a DNS provider for my personal domain.

I have configured a subdomain that is pointing at my Public IP address, where I am hosting a Synology NAS. It can be reached at https://nas.keepintouchwithus.com:5001.

Right now, I am using a Let’s Encrypt SSL certificate that is auto generated by the NAS and must be renewed every 3 months or so.

I am willing to set up and configure on my Syno a Cloudflare Origin CA certificate to replace the Let’s Encrypt current one.

No worries for the creation and download of the Cloudflare Origin CA certificate on my Cloudflare account but I am struggling at configuring my Syno host to use this certificate.

I understand the configuration depends on the main Web server used at one’s host.
I think my Syno is using Apache 2.4 as main web server.

The thing is SSL configuration file on a synology is generated based on a template and it’s useless editing the conf file itsel, as it will be regenerated at every boot of the NAS, if my understanding is correct.

So I need to adapt the following configuration lines to a my syno environment using templates for conf files.

This is where i am stuck !

I am actually not even 100% sure that I need to touch apache config, I may have to alter nginx (my synology NAS is also using nginx for some web services)

Anyone with experience at setting up full or Full strict SSL encryption with a synology NAS ?

Thanks a lot,

AFAIK you will need to import the certificate somewhere on their UI.

https://www.synology.com/en-global/knowledgebase/SRM/help/SRM/RouterApp/security_certificate looks promising, but you best clarify this at https://community.synology.com/

Hi,

To complement what Sandro said, i’ve found a video in youtube explaining how to do it step by step:

Br,