[How do you change the Self Signed Certificate with Let's Encrypt on Synology?]

I let the Synology Diskstation manage the let's encrypt certificate (renewal etc.). I transfer this certificate to resilio to use it for the webgui.

My Approach (DSM 6.2.4-25556 Update 6):

Log into the diskstation with admin rights. As root, create a subfolder in the resilio settings folder:

sudo -i
cd /usr/local/resiliosync/var
root@xxx:/usr/local/resiliosync/var# mkdir certificate
root@xxx:/usr/local/resiliosync/var# chown rslsync:users certificate
root@xxx:/usr/local/resiliosync/var# chmod 700 certificate

Back up the config file sync.conf:

root@xxx:/usr/local/resiliosync/var# cp sync.conf sync.conf.bak

Edit the config file and insert after the part

... "webui":{"force_https": true

the following:

,"ssl_certificate":"/usr/local/resiliosync/var/certificate/cert.pem","ssl_private_key":"/usr/local/resiliosync/var/certificate/privkey.pem"

 

Now, in the control panel create a new cron job:

As user root, have the following script run regularly, e.g. daily. This will copy the certificate to the folder you created above. This is only necessary when the certificate is renewed, but it does no harm to do it daily.

cp /usr/syno/etc/certificate/system/default/cert.pem /usr/local/resiliosync/var/certificate/cert.pem
chown rslsync:users cert.pem
chmod 600 cert.pem
cp /usr/syno/etc/certificate/system/default/privkey.pem /usr/local/resiliosync/var/certificate/privkey.pem
chown rslsync:users privkey.pem
chmod 600 privkey.pem

Run the job once and check the certificate folder you created above to see whether the certificates have been copied.

Finally, restart Resilio Sync in the packet manager to let it know the new config file.

 

At the moment it seems to work well. YMMV