Stargate Posted August 9, 2021 Share #1 Posted August 9, 2021 I am running dsm 6.2.3. In one of my android app (ds file) I get a warning of not trusted SSL certificate when I try to log in using httpS. In other apps such as ds get ot ds audio it works fine. Any way to solve it without let's encrypt (90 days renewal downside)? A friend of mine has the same hardware and dsm version with no issues like mine. Quote Link to comment Share on other sites More sharing options...
Stargate Posted August 9, 2021 Author Share #2 Posted August 9, 2021 Would I solve the issue by deleting my current synology certificate and creating a new synology certificate? Any issues with that approach? Quote Link to comment Share on other sites More sharing options...
jensmander Posted August 11, 2021 Share #3 Posted August 11, 2021 Self-signed certificates are only accepted without warnings if they are imported in the device‘s trusted certificate storage/pool as root certfication authority. Quote Link to comment Share on other sites More sharing options...
Stargate Posted August 11, 2021 Author Share #4 Posted August 11, 2021 2 hours ago, jensmander said: Self-signed certificates are only accepted without warnings if they are imported in the device‘s trusted certificate storage/pool as root certfication authority. How can I solve the problem? I'm sort of a noob. Using the DS File app is not key to me. I can either try to fix the certificate issue or simply stop using that app as long as it doesn't mean any security risk. Would it work to simply renew the certificate? Any issues with that? Quote Link to comment Share on other sites More sharing options...
flyride Posted August 11, 2021 Share #5 Posted August 11, 2021 There really isn't anything to solve. The Synology self-signed cert does not exist in your browser, so the error is thrown. It's informational only, to help protect you from a very unlikely "man-in-the-middle" crypto attack where someone can intercept your data stream on your local network, and respond to you instead of your Synology. Needless to say, they need access to your LAN where both devices can be monitored. Unless you plan to use the Syno over the Internet (in which case you should get a properly signed cert with a short lifespan, i.e. LetsEncrypt), this is a virtually nil risk. Quote Link to comment Share on other sites More sharing options...
shrabok Posted August 11, 2021 Share #6 Posted August 11, 2021 (edited) @Stargate Are you using an ip address or non public domain name in the Address field? If so you'll likely be using a default self signed ssl certificate that synology generated. If that is how you're set up and you just want SSL without the warning, try the setting I mentioned below. If you in fact do want a proper signed ssl certificate for a public host, let me know. When you look at the DS file (android app) login screen, the bottom left corner has a "settings gear" under that is the "Login Settings" which has an option for "Verify certificate" you can uncheck it to avoid the invalid certificate errors if you don't have a signed ssl certificate. Edited August 11, 2021 by shrabok Quote Link to comment Share on other sites More sharing options...
Stargate Posted August 12, 2021 Author Share #7 Posted August 12, 2021 (edited) In my lan I use ip address. Over the internet I my ddns domain. I rarely use DS File out of my Lan, so I could stop using Ds File app if necessary in case that solves the problem. About the verification option you mentioned, I'll give it a try. I'm just surprised that my friend, who has got the same hardware and dsm version, has no such ssl issues. Other apps like Ds Get https work fine and I can use https over the internet. Edited August 12, 2021 by Stargate Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.