Install SSL (letsencrypt) On Synology DSM5 Manually

听说DSM6支持Let’s Encrypt,但是咱用DSM5也不能落下!

  1. 使用ipkg安装一些必须的组件

ipkg install libcurl openssl grep mktemp bash git

  1. Clone Let’s Encrypt脚本仓库

mkdir /volume1/system

cd /volume1/system

git clone https://github.com/lukas2511/dehydrated

cd dehydrated

  1. 拷贝配置文(docs/example/config)件到 /etc/dehydrated/config,然后根据自己需求配置

  2. 创建并编辑 domains.txt
    mydomain.com a.mydomain.com
    mydomain.net a.mydomain.net

  3. 编辑 /etc/httpd/conf/extra/httpd-userdir.conf-user


Alias /.well-known/acme-challenge /var/www/dehydrated

Order allow,deny
Allow from all

由于我已经开启Https,所以在这里卡了好久,Https需要把上述代码加到如下配置文件:

/etc/httpd/conf/extra/httpd-ssl.conf-user

*后续如果你开启HSTS的话,更新证书会遇到问题,修改上述文件即可。

synoservicectl --restart httpd-user

  1. 生成证书

./dehydrated -c

  1. 计划任务
    ./dehydrated -c
    cp -f /volume1/system/dehydrated/certs/xxx/fullchain.pem /usr/syno/etc/ssl/ssl.crt/server.crt
    cp -f /volume1/system/dehydrated/certs/xxx/privkey.pem /usr/syno/etc/ssl/ssl.key/server.key
    synoservicectl --restart httpd-sys

保存到文件,添加执行权限,在DSM里添加计划任务即可。

Addon Xpenology BootStrap IPKG DSM 5

在Control Panel中开启SSH登陆,使用Putty登陆

cd /volume1/@tmp

wget http://ipkg.nslu2-linux.org/feeds/optware/syno-i686/cross/unstable/syno-i686-bootstrap_1.2-7_i686.xsh

chmod +x syno-i686-bootstrap_1.2-7_i686.xsh

sh syno-i686-bootstrap_1.2-7_i686.xsh

rm syno-i686-bootstrap_1.2-7_i686.xsh

ipkg update

ipkg upgrade

vi /etc/rc.local
#!/bin/sh

mount -o bind /volume1/@optware /opt

[ -x /etc/rc.optware ] && /etc/rc.optware start

exit 0

vi /root/.profile

PATH=/opt/bin:/opt/sbin/sbin:/bin:/usr/sbin:/usr/bin:/usr/syno/sbin:/usr/syno/bin:/usr/local/sbin:/usr/local/bin