Sync config file on Synology NAS

[747driver]

Where is the config file located on a Synology NAS running DSM 7?

According to THIS page it should be in /usr/local/resiliosync/var/ but unfortunately it does not have a resiliosync folder.

I did find a config file in /volume1/@appstore/resiliosync/app but it does not look like the one on THIS page.

The reason why I am asking is because I want to add the required lines to use my own trusted certificate.

[747driver]

After many hours of trial&error I found the solution.

Created a Shared folder with the name ResilioSync.

Created a sub-folder with the name cert.

Copied cert.pem and privkey.pem (own trusted certificate) into sub-folder cert.

Used SSH to get into the Synology.

Went to /volume1/@appstore/resiliosync/var

In this folder you will find the configuration file sync.conf

sudo vi sync.conf

Enter password

Add the 2 ssl lines as below:

       "force_https": true,

        "ssl_certificate" : "/volume1/ResilioSync/cert/cert.pem",

        "ssl_private_key" : "/volume1/ResilioSync/cert/privkey.pem"

    },

Save the file and restart (Stop/Start) Sync in the Package Center.

Now refresh the Web UI page and the certificate issue should be solved.

Edited August 18, 2021 by 747driver
typo

[No Thanks]

Thank you so much for coming back and sharing the fix

[KV4ME]

Thx for sharing your knowledge!

[ll111l1]

what's the format of pem & key? it prints log infinitely:

TLSPSK[0x00007f43f4b61540]: Supported ciphers: DHE-PSK-AES128-GCM-SHA256:DHE-PSK-AES256-GCM-SHA384

 

[747driver]

Don't know the format but I use the certificate from Control Panel - Security - Certificate - Action - Export certificate

[Fondue]

I have installed Resilio (Synology 7.2) and getting issues with the certificate and login / password request.  I never entered anything at the install so this boggled me.  Anyway, trying the above solution but confused about the step about :

> Copied cert.pem and privkey.pem (own trusted certificate) into sub-folder cert.

Do I need to create a new certificate (frankly tried and failed.  if this is the route, I need steps!) or are these files located somewhere on my Synology to copy over?  I never had to deal with certificates before nor did I find any files for it. 

All help appreciated.   Thanks!  merci!  it's Fondue time!

[747driver]

You first need to create a certificate a explained HERE.

[Fondue]

Thank you for your prompt reply.

I looked at the link and watched the video and both tell me to register a domain name.    ?    Is this really the path to Resilio nirvana?  It makes little sense to a home user.

[Kworr]

Well, not exactly. You can use your own internal domain name, or subdomain. But for HTTPS you must provide a domain name to be encoded into certificate so that browser wouldn't mark your resource unsecure.

PS: You can actually skip this and use plain HTTP over SSH, just make sure HTTP port is only available on localhost, then on your desktop do:

# add to ~/.ssh/config
Host your-server
    LocalForward 127.0.0.1:8888 127.0.0.1:8888

This way you would be able to access your instance on http://127.0.0.1:8888/ on your desktop, but only when your SSH link to the server is active. And it's also secure the same way your SSH connection is secure.