How to install Let’s Encrypt SSL Certificate on Xpenology

For more information about Let’s Encrypt see

Prerequisites before starting

  • Create the DNS records for the domain names you want to use. This is an A record which points to your WAN IP address.
  • Create a port forward for port 80 or 443 from you router to the IP of your Synology NAS. This is because of the automatic approval and is used for installing the certificate.
  • Make sure the Web Server is running. In the new DSM the webserver is moved to the Package Center. Install the package Web Station. You don’t have to enable the option personal website in the settings Screen of the Web Station.

Getting started with Let’s Encrypt and DSM 6.x

Next go to the Control Panel –> Security and click on the tab Certificate


Click on “Add” to begin creating a SSL Certificate

Select the option “Add a new certificate” en click on “Next”

We are going to use the FREE SSL Certificates from Let’s Encrypt, did I already said they are free? Select the option “Get a certificate from Let’s Encrypt” en click on “Next”

Now you can insert the correct domain names you are going to use to connect to your DSM. You can also provide alternative names to the certificate so you can use the same certificate. For the purpose of this example I will use the creative names: and

Click on “Apply”, there should be a screen stating Processing. Please wait… or when you didn’t follow the steps correctly meaby the following error.

When you get the this error make sure you didn’t made any typo’s, you created the correct DNS records, and your NAS is accessible via port 80.

When everything is okay your Synology NAS will restart the web server automatically.

The result!

When finished, your Synology NAS now has a valid SSL Certificate from the Let’s Encrypt Authority X1, please note that the issued certificates are only valid for 90 days.  It  should auto renew after 90 days.


Original  Article

3 thoughts on “How to install Let’s Encrypt SSL Certificate on Xpenology


    ok this is a great tutorial and pretty much everything makes since except for the first step. What is a DNS record and A record and is that like my DDNS form NoIP???

    Any help is appreciated. More over is there a free way to get the DNS and A records???

  2. Romain.

    Hello sorry its dosn’t works for me my fail message is please rexonnect you to dsm.
    I had xpenology dsm 6.1 version.
    And I can’t get the certificat let’s encrypt.
    However I had 80 et 443 port open everywhere and my nam domain works top.
    Please help me


Leave a Reply

Your email address will not be published. Required fields are marked *