Domain and CSR Code Setup for Synology NAS

Domain and CSR Code Setup for Synology NAS

Assign a domain name

An SSL certificate for a website can only be issued for a fully qualified domain name (FQDN). Therefore, the first step is to assign the domain to your Synology DDNS service or the server IP.

The Synology DDNS service is available for free to Synology users at

Connect your FQDN by creating a CNAME record for the domain. Alternatively, you can set up an A record to direct the domain to your static server IP.

Note: In this guide, we will use “” as the example domain. Please make sure to replace it with your own domain or subdomain that requires securing.

CSR code generation

SSL activation starts with the CSR code (Certificate Signing Request). This code contains basic information about the Certificate, including your website name and contact details. Be sure that the CSR needs to be created on the hosting server where the SSL Certificate will be installed.

Step 1: Certificate management panel

Log into your server, navigate to the Control Panel menu, and click Security.

Step 2: Certificate tab

Select the Certificate tab in the top menu. Click CSR, check the Create certificate signing request (CSR) option in the pop-up window, and click Next.

Step 3: CSR code details

3. On the next screen, fill out the CSR details, using this example illustration for guidance. Once completed, click Next.

Step 4: Download CSR file

Click Download to save the folder containing your CSR code (.crt file) and Private key (.key file) on your computer.

Important: the matching Private key is essential for the SSL installation process. It must always match the CSR code that downloaded with it. Synology server doesn’t store the CSR code and Private key on their platform, so be sure to keep the Private key safe on your computer for when you need them.

Next you’ll go to the location on your computer where you saved the zipped file and extract 1) the CSR (file with .csr extension) and 2) the Private key (file with .key extension) so they can be opened.

You’ll keep the Private key file safe for later use. Open the .csr file using Notepad or another text editor. Copy the code including —–BEGIN CERTIFICATE REQUEST—– and —–END CERTIFICATE REQUEST—– tags. Now you’re ready for the SSL activation process.