āļ§āļīāļ˜āļĩāļ•āļīāļ”āļ•āļąāđ‰āļ‡ SSL Certificate āļāļąāļš Zyxel NAS & Router

āļ§āļīāļ˜āļĩāļ•āļīāļ”āļ•āļąāđ‰āļ‡ SSL Certificate āđƒāļŦāđ‰āļāļąāļšÂ Â Zyxel NAS & Router

===============================

āļšāļĢāļīāļĐāļąāļ— āļĄāļĩāļšāļĢāļīāļāļēāļĢāļ•āļīāļ”āļ•āļąāđ‰āļ‡ SSL āđƒāļŦāđ‰āļāļąāļšÂ Zyxel NAS & Router āļ—āļļāļāļĢāļļāđˆāļ™
āļŠāļ™āđƒāļˆāļ•āļīāļ”āļ•āđˆāļ­ Line ID : @ir.th

===============================

1. Login āļĒāļąāļ‡ āļĢāļ°āļšāļšāļˆāļąāļ”āļāļēāļĢ Zyxel NAS āļ„āļĨāļīāļ Control Panel

 

2. āļŠāļĢāđ‰āļēāļ‡ CSR Code āđ„āļ›āļĒāļąāļ‡āđ€āļĄāļ™āļđ System > Create a Certificate 

āļ—āļģāļāļēāļĢāļ„āļĨāļīāļ Create āđ€āļžāļ·āđˆāļ­āļŠāļĢāđ‰āļēāļ‡ CSR Code āđƒāļŠāđ‰āđƒāļ™āļāļēāļĢāļ‚āļ­ āļ­āļ­āļāđƒāļšāļĢāļąāļšāļĢāļ­āļ‡āļ„āļ§āļēāļĄāļ›āļĨāļ­āļ”āļ āļąāļĒ  SSL Certificate

 

 

3. āļ—āļģāļāļēāļĢ Import SSL Certificate

āđ€āļĄāļ·āđˆāļ­āđ„āļ”āđ‰āđ„āļŸāļĨāđŒ SSL Certificate āđāļĨāđ‰āļ§āđƒāļŦāđ‰āļ—āļģāļāļēāļĢ Import āļ—āļĩāđˆāļ™āļĩāđˆ

 

āļ›āļąāļāļŦāļēāļ—āļĩāđˆāļ­āļēāļˆāļžāļš

  • āļ—āđˆāļēāļ™āļ•āđ‰āļ­āļ‡āļ—āļģāļāļēāļĢāļ­āļąāļžāđ€āļ”āļ—āđ€āļŸāļīāļĢāđŒāļĄāđāļ§āļĢāđŒ Zyxel NAS & Router āđ€āļ›āđ‡āļ™āđ€āļ§āļ­āļĢāđŒāļŠāļąāđˆāļ™āļĨāđˆāļēāļŠāļļāļ”
     
  • āđ‚āļŸāļĨāđ€āļ”āļ­āļĢāđŒ āđ€āļāđ‡āļš SSL Certificate
    • āļ—āļģāļāļēāļĢ SSH āļ”āđ‰āļ§āļĒ root āđ„āļ›āļĒāļąāļ‡ Zyxel Nas
    • vi /etc/zyxel/cert/default.cer << āļ„āļ·āļ­āđ„āļŸāļĨāđŒ Domain Certificate
    • vi /etc/zyxel/cert/key/default_key.cer << āļ„āļ·āļ­āđ„āļŸāļĨāđŒ private.key
    • vi /etc/zyxel/cert/CA.cer << āļ„āļ·āļ­āđ„āļŸāļĨāđŒ CARootCertificate-ca.crt
       
  • āđ‚āļŸāļĨāđ€āļ”āļ­āļĢāđŒ SSL āļŠāļģāļŦāļĢāļąāļš HTTPD Service
    • /etc/service_conf/CA.cer << āļ„āļ·āļ­āđ„āļŸāļĨāđŒ Domain Certificate
    • /etc/service_conf/CA.cer << āļ„āļ·āļ­āđ„āļŸāļĨāđŒ private.key
    • /usr/sbin/httpd -f /etc/service_conf/httpd.conf -t 
    • /etc/init.d/httpd.sh restart
       
  • 500 Internal Server āļ­āļēāļˆāđ€āļāļīāļ”āļˆāļēāļ Bug āļ‚āļ­āļ‡ firmware
    NAS326 NAS520 NAS540 NAS542 āđ€āļžāļĢāļēāļ°āļ§āđˆāļēāļĢāļ°āļšāļš generate ssl certificate āđ€āļ‚āļĩāļĒāļ™āļ—āļąāļšāļ•āļĨāļ­āļ”
    āļ§āļīāļ˜āļĩāđāļāđ‰ mv /etc/service_conf/CA.cer /etc/service_conf/CA.cer.bak

 

How to import ssl certificate on NAS series storage

https://mysupport.zyxel.com/hc/en-us/articles/360006916979--NSA-NAS-How-to-fix-certificate-error-on-browser-when-accessing-NAS-WebUI
https://community.zyxel.com/en/discussion/8527/nas326-install-ssl-certificate-via-scp
https://support.zyxel.eu/hc/en-us/articles/360011585960-How-to-import-Let-s-Encrypt-certificate-on-NAS-series-storage
 

Hard Fix firmware bug


find /etc/zyxel/cert -type f -delete

crontab -e

*/5 * * * * /bin/cat /etc/zyxel/custom_ssl/domain.crt > /etc/zyxel/cert/default.cer &&  /bin/cat /etc/zyxel/custom_ssl/private.key > /etc/zyxel/cert/key/default_key.cer

*/5 * * * * /bin/cat /etc/zyxel/custom_ssl/domain.crt > /etc/service_conf/CA.cer && /bin/cat /etc/zyxel/custom_ssl/private.key > /etc/service_conf/CA_key.cer && /etc/init.d/httpd.sh restart

 

mkdir /etc/zyxel/custom_ssl

# āļ—āļģāļāļēāļĢāļ­āļąāļžāđ‚āļŦāļĨāļ” ssl cert āđ„āļ›āļĒāļąāļ‡
/etc/zyxel/custom_ssl/domain.crt
/etc/zyxel/custom_ssl/private.key 

# āļžāļīāļĄāļžāđŒāļ„āļģāļŠāļąāđˆāļ‡
cat /etc/zyxel/custom_ssl/domain.crt | tee -a /etc/zyxel/cert/default.cer /etc/service_conf/CA.cer

cat /etc/zyxel/custom_ssl/private.key | tee -a /etc/zyxel/cert/key/default_key.cer /etc/service_conf/CA_key.cer 

/etc/init.d/httpd.sh restart

 

 

 

āđ„āļ­āđ€āļĢāļĩāļĒāļĨāļĨāļĩāđˆāđ‚āļŪāļŠ
āļŠāļģāļŦāļĢāļąāļšāļāļēāļĢāļŠāļ™āļąāļšāļŠāļ™āļļāļ™ āđāļĨāļ°āļŠāđˆāļ§āļĒāđ€āļŦāļĨāļ·āļ­
http://www.ireallyhost.com/support

 

 

 

 

āļ‚āđ‰āļ­āļāļģāļŦāļ™āļ”āđƒāļ™āļāļēāļĢāđ€āļœāļĒāđāļžāļĢāđˆāļšāļ—āļ„āļ§āļēāļĄ āļ‚āđˆāļēāļ§āļŠāļēāļĢ
** āļšāļ—āļ„āļ§āļēāļĄāļ™āļĩāđ‰āļĄāļĩāļĨāļīāļ‚āļŠāļīāļ—āļ˜āļīāđŒ āđ„āļĄāđˆāļ­āļ™āļļāļāļēāļ•āļīāđƒāļŦāđ‰āļ„āļąāļ”āļĨāļ­āļ āļ—āļģāļ‹āđ‰āļģ āļ”āļąāļ”āđāļ›āļĨāļ‡āļāđˆāļ­āļ™āđ„āļ”āđ‰āļĢāļąāļšāļ­āļ™āļļāļāļēāļ• **
āđ‚āļ›āļĢāļ”āļĢāļ°āļšāļļāđāļŦāļĨāđˆāļ‡āļ—āļĩāđˆāļĄāļē āļšāļĢāļīāļĐāļąāļ— āđ€āļ­āđ‡āļāļ‹āđŒāļ•āļĢāđ‰āļē āļ„āļ­āļĢāđŒāļ›āļ­āđ€āļĢāļŠāļąāđˆāļ™ āļˆāļģāļāļąāļ” / https://www.ireallyhost.com
āļ—āļąāđˆāļ§āđ„āļ›
SSL āļ„āļ·āļ­āļ­āļ°āđ„āļĢ , SSL Certificates āļŸāļĢāļĩāļ•āļīāļ”āļ•āļąāđ‰āļ‡ āļ‹āļ·āđ‰āļ­ SSL āļĢāļēāļ„āļēāļžāļīāđ€āļĻāļĐ āļ„āļĨāļīāļ!
Chrome āđāļŠāļ”āļ‡ "āđ„āļĄāđˆāļ›āļĨāļ­āļ”āļ āļąāļĒ" āļŦāļĢāļ·āļ­ "Not Secure" āļāļąāļšāđ€āļ§āđ‡āļšāđ„āļ‹āļ•āđŒāļ—āļĩāđˆāđ„āļĄāđˆāđƒāļŠāđ‰ HTTPS āđāļĨāļ° āļ§āļīāļ˜āļĩāļāļēāļĢāđāļāđ‰āđ„āļ‚
HTTPS āļ•āđˆāļēāļ‡āļˆāļēāļ HTTP āļ­āļĒāđˆāļēāļ‡āđ„āļĢ , SSL āļŠāđˆāļ§āļĒāđƒāļŦāđ‰āđ€āļ§āđ‡āļšāđ„āļ‹āļ•āđŒāļ™āđˆāļēāđ€āļŠāļ·āđˆāļ­āļ–āļ·āļ­āđ„āļ”āđ‰āļ­āļĒāđˆāļēāļ‡āđ„āļĢ
āļ›āļĢāļ°āđ‚āļĒāļŠāļ™āđŒ āđāļĨāļ° āļ‚āđ‰āļ­āļ”āļĩ āļ‚āļ­āļ‡ SSL Certificate āđāļĨāļ°āļāļēāļĢāđƒāļŠāđ‰āļ‡āļēāļ™āđ€āļ§āđ‡āļšāđ„āļ‹āļ•āđŒāļœāđˆāļēāļ™ HTTPS://
āļ›āļĢāļ°āđ€āļ āļ—āļ‚āļ­āļ‡ SSL Certificates - āļŠāļ™āļīāļ”āļ‚āļ­āļ‡āđƒāļšāļĢāļąāļšāļĢāļ­āļ‡āļ„āļ§āļēāļĄāļ›āļĨāļ­āļ”āļ āļąāļĒāđāļšāļšāļ•āđˆāļēāļ‡āđ†
āļ„āļđāđˆāļĄāļ·āļ­ / āļ§āļīāļ˜āļĩāļāļēāļĢāļ•āļīāļ”āļ•āļąāđ‰āļ‡ SSL Certificate āļŠāļģāļŦāļĢāļąāļš cPanel Web Control Panel
āļ§āļīāļ˜āļĩ Generate CSR Request āđāļĨāļ°āļŠāļĢāđ‰āļēāļ‡ Private Key āļšāļ™ cPanel āļ­āļĒāđˆāļēāļ‡āļ‡āđˆāļēāļĒ (āļ āļēāļžāļ›āļĢāļ°āļāļ­āļš)
āļ§āļīāļ˜āļĩāļ•āļīāļ”āļ•āļąāđ‰āļ‡ Install SSL Certificate āđ€āļžāļ·āđˆāļ­āļ—āļģ HTTPS āļšāļ™ cPanel (āļ­āļĒāđˆāļēāļ‡āļ‡āđˆāļēāļĒ,āļĄāļĩāļ āļēāļžāļ›āļĢāļ°āļāļ­āļš)
āļāļēāļĢāļ•āļīāļ”āļ•āļąāđ‰āļ‡ SSL āļœāđˆāļēāļ™āļĢāļ°āļšāļšāļ­āļąāļ•āđ‚āļ™āļĄāļąāļ•āļī AutoInstall SSLâ„Ē Plugin - Easy SSL Installation
āļšāļĢāļīāļāļēāļĢ SSL Certificate - āđ‚āļ”āļĒāđ„āļ­āđ€āļĢāļĩāļĒāļĨāļĨāļĩāđˆāđ‚āļŪāļŠ
āļ§āļīāļ˜āļĩāļ”āļēāļ§āđŒāđ‚āļŦāļĨāļ”āđƒāļšāļĢāļąāļšāļĢāļ­āļ‡āļ„āļ§āļēāļĄāļ›āļĨāļ­āļ”āļ āļąāļĒ , Download SSL Certificate āļˆāļēāļāļ—āļēāļ‡āđ„āļ­āđ€āļĢāļĩāļĒāļĨāļĨāļĩāđˆāđ‚āļŪāļŠ
āļ§āļīāļ˜āļĩāđ€āļ›āļīāļ”āđƒāļŠāđ‰āļ‡āļēāļ™ SSL Certificate , āļ‚āļ­āļ­āļ­āļāđƒāļšāļĢāļąāļšāļĢāļ­āļ‡āļ„āļ§āļēāļĄāļ›āļĨāļ­āļ”āļ āļąāļĒāđƒāļŦāļĄāđˆ , Request & Create New SSL Certificate