Good evening,
I recently uploaded my new certificate from no-ip ddns and I was able to update the FTP and WebDAV only. My goal is to update the Https settings as well to use the new certificate. Please see below:
Thank you for your assistance,
Adam Brousseau
F5-221
Update Https Certificate on TOS 5
Re: Update Https Certificate on TOS 5
The HTTPS certificate does not currently support modification, which will affect the use of functions such as remote access.
To contact our team, please send email to following addresses, remember to replace (at) with @
Technical team: support(at)terra-master.com (for technical support)
Service team: service(at)terra-master.com (for purchasing, return, replacement, RMA service)
Technical team: support(at)terra-master.com (for technical support)
Service team: service(at)terra-master.com (for purchasing, return, replacement, RMA service)
- redmagusclawmus
- Posts: 2
- Joined: 02 Aug 2022, 08:39
Re: Update Https Certificate on TOS 5
Understood. Thank you for your reply
Adam Brousseau
Adam Brousseau
Re: Update Https Certificate on TOS 5
Will we ever be able to use our own certificates for the web interface?
1. So that we do not have to have a cert warning each time we access the interface, I can have the cert match the domain
2. This seems like a shared cert that is installed on every TNAS device. It kind of defeats the purpose of having a cert to encrypt the traffic if anyone w/ a TNAS device has a copy of the private ke and can decrypt traffic from anyone's TNAS device.
Please let us update the cert with our own, thank you.
1. So that we do not have to have a cert warning each time we access the interface, I can have the cert match the domain
2. This seems like a shared cert that is installed on every TNAS device. It kind of defeats the purpose of having a cert to encrypt the traffic if anyone w/ a TNAS device has a copy of the private ke and can decrypt traffic from anyone's TNAS device.
Please let us update the cert with our own, thank you.
Re: Update Https Certificate on TOS 5
Hey everyone!
Same here, I generated a let's encrypt cert and uploaded it and was really surprised I couldn't use it.
I understand that this is a feature that can cause users to shoot themselves in the foot pretty badly, but perhaps hide it behind a big red warning?
Or allow the creation of alias that would use the cert?
Thanks!
Same here, I generated a let's encrypt cert and uploaded it and was really surprised I couldn't use it.
I understand that this is a feature that can cause users to shoot themselves in the foot pretty badly, but perhaps hide it behind a big red warning?
Or allow the creation of alias that would use the cert?
Thanks!
Re: Update Https Certificate on TOS 5
Oh, I just thought of a workaround.
I have a docker container running apache2 in my F2-223, so I figured I could configure a subdomain, get a let's encrypt cert, and reverse proxy to the NAS port.
Lo and behold, it works perfectly. I can now access https://nas.mydomain.com, and I get TOS with a valid cert.
I'm using something like this:
I'm disabling checks in the proxy because "https://yourcurrentNASurl:5443/" in my case isn't properly signed, since it's signed with the default *.tnas.link cert
Hope it helps someone.
Warm regards,
ByteJ
I have a docker container running apache2 in my F2-223, so I figured I could configure a subdomain, get a let's encrypt cert, and reverse proxy to the NAS port.
Lo and behold, it works perfectly. I can now access https://nas.mydomain.com, and I get TOS with a valid cert.
I'm using something like this:
Code: Select all
<VirtualHost *:443>
ServerName nas.mydomain.com
SSLProxyEngine on
SSLProxyVerify none
SSLProxyCheckPeerName off
SSLProxyCheckPeerCN off
SSLProxyCheckPeerExpire off
ProxyPass / https://yourcurrentNASurl:5443/
ProxyPassReverse / https://yourcurrentNASurl:5443/
SSLCertificateFile /etc/whereverYouStoreYourCert/fullchain.pem
SSLCertificateKeyFile /etc/whereverYouStoreYourCert/privkey.pem
</VirtualHost>
Hope it helps someone.
Warm regards,
ByteJ
Re: Update Https Certificate on TOS 5
It is possible to do it manually, at least for the nginx component listening on :5443.
I had uploaded my locally-generated cert from my local CA and found that the GUI then showed NO certs, so I manually edited nginx.conf and added my certs locally. It works like any other nginx and so far I am happy.
I had uploaded my locally-generated cert from my local CA and found that the GUI then showed NO certs, so I manually edited nginx.conf and added my certs locally. It works like any other nginx and so far I am happy.
Re: Update Https Certificate on TOS 5
Would it be possible for either of you to give a bit of a step-by-step walkthru of the process you used? I'd like to get past the 'insecure site' warning every time I connect, but I don't know my way around the innards of this platform yet.
rfc1920 wrote: ↑16 Mar 2023, 02:34 It is possible to do it manually, at least for the nginx component listening on :5443.
I had uploaded my locally-generated cert from my local CA and found that the GUI then showed NO certs, so I manually edited nginx.conf and added my certs locally. It works like any other nginx and so far I am happy.
ByteJunk wrote: ↑11 Mar 2023, 08:29 Oh, I just thought of a workaround.
I have a docker container running apache2 in my F2-223, so I figured I could configure a subdomain, get a let's encrypt cert, and reverse proxy to the NAS port.
Lo and behold, it works perfectly. I can now access https://nas.mydomain.com, and I get TOS with a valid cert.
I'm using something like this:I'm disabling checks in the proxy because "https://yourcurrentNASurl:5443/" in my case isn't properly signed, since it's signed with the default *.tnas.link certCode: Select all
<VirtualHost *:443> ServerName nas.mydomain.com SSLProxyEngine on SSLProxyVerify none SSLProxyCheckPeerName off SSLProxyCheckPeerCN off SSLProxyCheckPeerExpire off ProxyPass / https://yourcurrentNASurl:5443/ ProxyPassReverse / https://yourcurrentNASurl:5443/ SSLCertificateFile /etc/whereverYouStoreYourCert/fullchain.pem SSLCertificateKeyFile /etc/whereverYouStoreYourCert/privkey.pem </VirtualHost>
Hope it helps someone.
Warm regards,
ByteJ
- dianzisongyang
- Posts: 10
- Joined: 15 Jan 2024, 20:38
Re: Update Https Certificate on TOS 5
Chiming in from 2024; still looking for help with how to just enable HTTPS and get past the insecure site warning. I uploaded the default TNAS cert to my web browsers but still no dice. It says upload successful, yet personal or other cert libraries don't get the cert installed... You'd think TerraMaster would have their own guide, but sadly: nothing.
Re: Update Https Certificate on TOS 5
{L_BUTTON_AT}dianzisongyang
If you are referring to TOS's HTTPS SSL certificate, please refer to this to update them:
viewtopic.php?f=78&t=4243
If you want to customize the certificate, this feature is currently not supported.To contact our team, please send email to following addresses, remember to replace (at) with @:
Technical team: support(at)terra-master.com (for technical support)
Service team: service(at)terra-master.com (for purchasing, return, replacement, RMA service)
Technical team: support(at)terra-master.com (for technical support)
Service team: service(at)terra-master.com (for purchasing, return, replacement, RMA service)