undefined | Better HN

0 pointschriscjcj3y ago0 comments

> Note that Synology DSM has built-in Let's Encrypt support

Yes... I tried going down that route. In my scenario, I'm accessing the NAS via its internal IP which is in an RFC1918 subnet. Let's Encrypt insists that you use a globally routable IP. If I used the public IP issed to me by my ISP, then I would have to map a port on my router and expose the NAS directly to the Internet. No way am I doing that.

I bought a cert through Namecheap and got 5 years for $29.95. That seemed quite reasonable to me. There was no problem getting it to work when I mapped the hostname to the NAS's internal IP. The only downside is that I have to go through a renewal process every year and install the updated cert on NAS. Not a huge deal; just one more thing I have to do.

0 comments

moogly3y ago

That all makes sense. Wanted to point out to others that there's potentially less of a hassle to set this up (if you're fine with opening port 80, as has been pointed out to me).

j / k navigate · click thread line to collapse

0 pointschriscjcj3y ago0 comments

> Note that Synology DSM has built-in Let's Encrypt support

0 comments

moogly3y ago

That all makes sense. Wanted to point out to others that there's potentially less of a hassle to set this up (if you're fine with opening port 80, as has been pointed out to me).

j / k navigate · click thread line to collapse