747driver Posted August 13, 2021 Report Share Posted August 13, 2021 Where is the config file located on a Synology NAS running DSM 7? According to THIS page it should be in /usr/local/resiliosync/var/ but unfortunately it does not have a resiliosync folder. I did find a config file in /volume1/@appstore/resiliosync/app but it does not look like the one on THIS page. The reason why I am asking is because I want to add the required lines to use my own trusted certificate. Quote Link to comment Share on other sites More sharing options...
747driver Posted August 13, 2021 Author Report Share Posted August 13, 2021 (edited) After many hours of trial&error I found the solution. Created a Shared folder with the name ResilioSync. Created a sub-folder with the name cert. Copied cert.pem and privkey.pem (own trusted certificate) into sub-folder cert. Used SSH to get into the Synology. Went to /volume1/@appstore/resiliosync/var In this folder you will find the configuration file sync.conf sudo vi sync.conf Enter password Add the 2 ssl lines as below: "force_https": true, "ssl_certificate" : "/volume1/ResilioSync/cert/cert.pem", "ssl_private_key" : "/volume1/ResilioSync/cert/privkey.pem" }, Save the file and restart (Stop/Start) Sync in the Package Center. Now refresh the Web UI page and the certificate issue should be solved. Edited August 18, 2021 by 747driver typo Quote Link to comment Share on other sites More sharing options...
No Thanks Posted December 12, 2021 Report Share Posted December 12, 2021 Thank you so much for coming back and sharing the fix Quote Link to comment Share on other sites More sharing options...
KV4ME Posted February 25, 2022 Report Share Posted February 25, 2022 Thx for sharing your knowledge! Quote Link to comment Share on other sites More sharing options...
ll111l1 Posted June 21, 2022 Report Share Posted June 21, 2022 what's the format of pem & key? it prints log infinitely: TLSPSK[0x00007f43f4b61540]: Supported ciphers: DHE-PSK-AES128-GCM-SHA256:DHE-PSK-AES256-GCM-SHA384 Quote Link to comment Share on other sites More sharing options...
747driver Posted June 21, 2022 Author Report Share Posted June 21, 2022 Don't know the format but I use the certificate from Control Panel - Security - Certificate - Action - Export certificate Quote Link to comment Share on other sites More sharing options...
Fondue Posted December 4, 2023 Report Share Posted December 4, 2023 I have installed Resilio (Synology 7.2) and getting issues with the certificate and login / password request. I never entered anything at the install so this boggled me. Anyway, trying the above solution but confused about the step about : > Copied cert.pem and privkey.pem (own trusted certificate) into sub-folder cert. Do I need to create a new certificate (frankly tried and failed. if this is the route, I need steps!) or are these files located somewhere on my Synology to copy over? I never had to deal with certificates before nor did I find any files for it. All help appreciated. Thanks! merci! it's Fondue time! Quote Link to comment Share on other sites More sharing options...
747driver Posted December 4, 2023 Author Report Share Posted December 4, 2023 You first need to create a certificate a explained HERE. Quote Link to comment Share on other sites More sharing options...
Fondue Posted December 4, 2023 Report Share Posted December 4, 2023 Thank you for your prompt reply. I looked at the link and watched the video and both tell me to register a domain name. ? Is this really the path to Resilio nirvana? It makes little sense to a home user. Quote Link to comment Share on other sites More sharing options...
Kworr Posted December 7, 2023 Report Share Posted December 7, 2023 Well, not exactly. You can use your own internal domain name, or subdomain. But for HTTPS you must provide a domain name to be encoded into certificate so that browser wouldn't mark your resource unsecure. PS: You can actually skip this and use plain HTTP over SSH, just make sure HTTP port is only available on localhost, then on your desktop do: # add to ~/.ssh/config Host your-server LocalForward 127.0.0.1:8888 127.0.0.1:8888 This way you would be able to access your instance on http://127.0.0.1:8888/ on your desktop, but only when your SSH link to the server is active. And it's also secure the same way your SSH connection is secure. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.