Hi,
請選擇管理功能:
College
win_nas
請先選擇語言
Deutsch
Global English
English
italiano
français
Nederlands
русский
日本語
繁體中文
简体中文
한국어
Česká
Español
Türk
Português
Svenska
Polish
Thai
Magyar
Vietnamese
Finnish
Back to college List
Date:
Topic_id:
Subject:
Description:
content:
<h4><strong>COURSE OBJECTIVES</strong></h4> <p><span style="line-height: 1.5;">Upon completion of this course you should be able to:</span></p> <ol> <li>Install a certificate to your ASUSTOR NAS.</li> <li>Use HTTPS to ensure communication security between your NAS and client devices.</li> </ol> <br /> <h4><strong>PREREQUISITES</strong></h4> <p><span style="line-height: 1.5;"><strong><i>Course Prerequisites:</i></strong></span></p> <p><span style="line-height: 1.5;"><a href="https://www.asustor.com/online/College_topic?topic=224" target="_blank" rel="noopener">NAS 224: Remote Access - Manual Connect</a></span></p> <p><span style="line-height: 1.5;"><strong><i>Students are expected to have a working knowledge of:</i></strong></span></p> <p><span style="line-height: 1.5;">DDNS</span></p> <br /> <h4><strong>OUTLINE</strong></h4> <p><a href="#hs1">1. Introduction</a></p> <p><a href="#hs2">2. Enabling HTTPS and DDNS</a></p> <p style="padding-left: 20px;"><a href="#hs21">2.1 Enabling HTTPS Connections in ADM</a></p> <p style="padding-left: 20px;"><a href="#hs22">2.2 Enabling HTTPS for the web server</a></p> <p style="padding-left: 20px;"><a href="#hs23">2.3 Configuring DDNS</a></p> <p><a href="#hs3">3. Adding a Signed Certificate</a></p> <p style="padding-left: 20px;"><a href="#hs31">3.1 Manually importing a certificate</a></p> <p style="padding-left: 20px;"><a href="#hs32">3.2 Getting a certificate from Let's Encrypt</a></p> <br /><br /><hr /><br /> <h4><strong><a name="hs1"></a>1. Introduction</strong></h4> <p><span style="line-height: 1.5;">HTTPS (also called HTTP over TLS, HTTP over SSL, and HTTP Secure) is a protocol for secure communication over a computer network which is widely used on the Internet. HTTPS consists of communication over Hypertext Transfer Protocol (HTTP) within a connection encrypted by Transport Layer Security or its predecessor, Secure Sockets Layer.<br />In its popular deployment on the internet, HTTPS provides authentication of the website and associated web server with which one is communicating, which protects against man-in-the-middle attacks.</span></p> <p><span style="line-height: 1.5;"><span class="glyphicon glyphicon-info-sign"></span> <strong>Note: Within a local network, connecting to your NAS with its local network IP through HTTPS will produce an error message informing you the connection is not secure. This is normal. You can just use HTTP connection instead within a local network.</strong></span></p> <br /> <p><span style="line-height: 1.5;">The following are the most common connections using HTTPS on ASUSTOR NAS:</span></p> <ol> <li>Logging into ADM from a browser to manage, configure and use an ASUSTOR NAS. Click <a href="#hs21"><u>here</u></a> to enable ADM HTTPS connection and configure the port.</li> <li>Installing and enabling a web server on the NAS to host personal websites.<br />Example: Installing Wordpress to host a personal website and have all connections use HTTPS. Click <a href="#hs22"><u>here</u></a> to learn how to enable web server HTTPS connections and configure ports.</li> </ol> <br /><br /> <h4><strong><a name="hs2"></a>2. Enabling HTTPS and DDNS</strong></h4> <p><span style="line-height: 1.5;">Current web browsers have strict restrictions on HTTPS connections. To connect to ADM or a web server through a DDNS URL using HTTPS, a valid TLS/SSL certificate for domain name must be set.</span></p> <br /> <p><b><b><a name="hs21"></a>2.1 Enabling HTTPS Connections in ADM</b></b></p> <ul> <li>Log in to ADM using an administrator account.</li> <li>Select <strong>[Settings] <span class="glyphicon glyphicon-arrow-right"></span> [General] <span class="glyphicon glyphicon-arrow-right"></span> [Management]</strong>.</li> <li>Select <strong>[Enable HTTP Secure (HTTPS)]</strong>. The default HTTPS port for ADM is 8001.</li> </ul> <p style="padding-left: 40px;"><span class="glyphicon glyphicon-exclamation-sign"></span> <span style="color: mediumblue;">To decrease the risks to your NAS when exposed to the Internet, it is advised that the default values for HTTP and HTTPS ports be changed.</span></p> <ul> <li>Select <strong>[Automatically change HTTP connections to HTTPS connections.]</strong>.</li> <li>Click on [Apply] to make the configurations effective.</li> </ul> <p><img src="https://www.asustor.com/images/tinymce/upload_img_20230117172119_ADM_https_port.png" alt="" width="880" height="528" title="" align="" /></p> <br /><br /> <p><b><b><a name="hs22"></a>2.2 Enabling HTTPS for the web server</b></b></p> <p><span style="line-height: 1.5;"><strong>ADM 5.1.2:</strong></span></p> <ul> <li>Log in to ADM using an administrator account.</li> <li>Select <strong>[Web Center] <span class="glyphicon glyphicon-arrow-right"></span> [Web Server]</strong>.</li> <li>Click <img src="https://www.asustor.com/images/tinymce/upload_img_20260210152252_web_server_settings_icon.png" width="30" height="30" alt="" />.</li> <li>Select the <strong>[Enable secured Web server port]</strong>. The default port for Web Server HTTPS is 443. You may configure another port if you wish.</li> <li>Click on [OK] to make the configurations effective.</li> </ul> <p><img src="https://www.asustor.com/images/tinymce/upload_img_20260210152337_Web_Center_web_server_new.png" alt="" width="800" height="480" /></p> <p><img src="https://www.asustor.com/images/tinymce/upload_img_20260211110708_Web_Center_web_server_new_setting.png" alt="" width="800" height="480" /></p> <br /> <div class="panel-group" id="accordion" role="tablist" aria-multiselectable="true"> <div class="panel panel-default"> <div class="panel-heading" role="tab" id="heading3"> <h4 class="panel-title"><a role="button" data-toggle="collapse" data-parent="#accordion" href="#collapse3" aria-expanded="true" aria-controls="collapse3"><i class="more-less glyphicon icofont-rounded-down"></i> ADM 4.0 ~ ADM 5.1.1:</a></h4> </div> <div id="collapse3" class="panel-collapse collapse" role="tabpanel" aria-labelledby="heading3"> <div class="panel-body"> <ul> <li>Log in to ADM using an administrator account.</li> <li>Select <strong>[Web Center] <span class="glyphicon glyphicon-arrow-right"></span> [Web Server]</strong>.</li> <li>Select the <strong>[Enable secured Web server port]</strong>. The default port for Web Server HTTPS is 443. You may configure another port if you wish.</li> <li>Click on [Apply] to make the configurations effective.</li> </ul> <p><img src="https://www.asustor.com/images/kindeditor/image/20210709/20210709065355_67739.png" alt="" width="880" height="524" title="" align="" /></p> </div> </div> </div> </div> <br /> <div class="panel-group" id="accordion" role="tablist" aria-multiselectable="true"> <div class="panel panel-default"> <div class="panel-heading" role="tab" id="heading1"> <h4 class="panel-title"><a role="button" data-toggle="collapse" data-parent="#accordion" href="#collapse1" aria-expanded="true" aria-controls="collapse1"><i class="more-less glyphicon icofont-rounded-down"></i> ADM 3.5:</a></h4> </div> <div id="collapse1" class="panel-collapse collapse" role="tabpanel" aria-labelledby="heading1"> <div class="panel-body"> <ul> <li>Select <b>[Services] <span class="glyphicon glyphicon-arrow-right"></span> [Web Server]</b>.</li> </ul> <p><img src="https://www.asustor.com/images/kindeditor/image/20201120/20201120124655_53233.png" alt="" width="880" height="529" title="" align="" /></p> </div> </div> </div> </div> <br /><br /> <p><b><b><a name="hs23"></a>2.3 Configuring DDNS</b></b></p> <p><span style="line-height: 1.5;">Before applying for a valid SSL/TLS certificate, you need to set up DDNS first. Click <a href="https://www.asustor.com/online/College_topic?topic=224#mc4" target="_blank" rel="noopener"><u><span style="color: mediumblue;">here</span></u></a> to configure DDNS settings.</span></p> <p><img src="https://www.asustor.com/images/tinymce/upload_img_20220812165844_enable_DDNS_41_IPv6.png" alt="" width="800" height="479" /></p> <br /><br /><br /> <h4><strong><a name="hs3"></a>3. Adding a Signed Certificate</strong></h4> <p><span style="line-height: 1.5;">There is a default ASUSTOR signed certificate built into ADM, but browsers will not trust this certificate because it is not signed by a third party. Therefore, when you connect to your ASUSTOR NAS using HTTPS, you will see a privacy error message. (Shown in the graphic below using Google Chrome as an example)</span></p> <p><span style="line-height: 1.5;">You can click on the "<u>Proceed to x.x.x.x (unsafe)</u>" link to skip past page and log in to ADM. However, in order to correctly verify the identity of your ASUSTOR NAS and ensure secure communication, you must get a signed certificate from a trusted certificate authority and import it into ADM.</span></p> <br /> <p><img src="https://www.asustor.com/images/kindeditor/image/20160826/20160826183421_41232.png" alt="" width="800" height="605" title="" align="" /></p> <br /><br /> <p><b><b><a name="hs31"></a>3.1 Manually importing a certificate</b></b></p> <p><span style="line-height: 1.5;">If you already have a registered domain name, and have a signed certificate from a certificate authority, you can use the following steps to import the certificate into ADM.</span></p> <p><span style="line-height: 1.5;">If you haven't applied for a valid certificate for your domain name from a trusted certificate authority, click <a href="#hs32"><u>here</u></a> to obtain a certificate from Let's Encrypt.</span></p> <br /> <p><span style="line-height: 1.5;"><strong>STEP 1</strong></span></p> <ul> <li>Log in to ADM, select <strong>[Settings] <span class="glyphicon glyphicon-arrow-right"></span> [Certificate Manager]</strong> and then click on [Add].</li> </ul> <p><img src="https://www.asustor.com/images/kindeditor/image/20201120/20201120124730_59471.png" alt="" width="880" height="529" title="" align="" /></p> <br /> <p><span style="line-height: 1.5;"><strong>STEP 2</strong></span></p> <ul> <li>Enter a name for the certificate and then click on [Next].</li> </ul> <p><img src="https://www.asustor.com/images/kindeditor/image/20201120/20201120124800_79729.png" alt="" width="600" height="515" title="" align="" /></p> <br /> <p><span style="line-height: 1.5;"><strong>STEP 3</strong></span></p> <ul> <li>Select <strong>[Import your SSL private key and certificate]</strong> and then click on [Next].</li> </ul> <p><img src="https://www.asustor.com/images/kindeditor/image/20201120/20201120124828_56919.png" alt="" width="600" height="515" title="" align="" /></p> <br /> <p><span style="line-height: 1.5;"><strong>STEP 4</strong></span></p> <ul> <li>Use the <strong>[Browse]</strong> buttons to select the <strong>[Private Key]</strong> (*.key or *.pem), <strong>[Certificate]</strong> (*.crt or *.pem) and [Intermediate Certificate] (optional) from your local machine and then click [Finish].</li> </ul> <p><img src="https://www.asustor.com/images/tinymce/20211216094611_Import_certificate_s3.png" alt="" width="600" height="515" title="" align="" /></p> <br /><br /> <p><b><b><a name="hs32"></a>3.2 Getting a certificate from Let's Encrypt</b></b></p> <p><span style="line-height: 1.5;"><a href="https://letsencrypt.org/" target="_blank" rel="noopener">Let's Encrypt</a> is a free, automated, and open certificate authority (CA), that provides a trusted certificate for free to anyone who owns a domain name. Let's Encrypt issued certificates are recognizable by all Web browsers. The Certificate Manager in ASUSTOR NAS can directly connect to Let's Encrypt to generate a valid certificate and install it automatically. This helps you to enhance NAS security with an SSL connection in a fast and easy way at zero cost.</span></p> <p><strong>DNS Challenge support for myasustor.com on ADM 4.1 makes connecting to your NAS securely even easier. Port 80 no longer needs to be forwarded for Let's Encrypt certificates.</strong></p> <br /> <div class="panel-group" id="accordion" role="tablist" aria-multiselectable="true"> <div class="panel panel-default"> <div class="panel-heading" role="tab" id="heading2"> <h4 class="panel-title"><a role="button" data-toggle="collapse" data-parent="#accordion" href="#collapse2" aria-expanded="true" aria-controls="collapse2"><i class="more-less glyphicon icofont-rounded-down"></i> If you want to obtain or update Let's Encrypt certificates for non-myasustor.com domains or myasustor.com domains used in NAS devices running ADM 3.5 and 4.0, please ensure port 80 is successfully forwarded to the NAS.</a></h4> </div> <div id="collapse2" class="panel-collapse collapse" role="tabpanel" aria-labelledby="heading2"> <div class="panel-body"> <ul> <li>If you use an ASUS router or some of the routers that use port 80 by default, you may have to manually go to router settings to set up port forwarding for the ADM web server, which is also used for getting Let's Encrypt certificates. Click <a href="https://www.asustor.com/knowledge/detail/?group_id=1006" target="_blank" rel="noopener">here</a> to configure ports on the router.</li> <li>Please check if the WAN IP of the NAS with port 80 is forwarding to the ADM web server.</li> <li>Find the WAN IP in Manual Connect under Settings. <p><img src="https://www.asustor.com/images/kindeditor/image/20210311/20210311130927_14295.png" alt="" width="818" height="500" title="" align="" /></p> </li> <li>Enter ‘http://x.x.x.x:80’ into your web browser where ‘x’ represents the values of your NAS IP address. <p><img src="https://www.asustor.com/images/kindeditor/image/20210311/20210311131501_41478.png" alt="" /></p> </li> <li>If you see the following page, then you can continue setting up Let's Encrypt certificate acquisition on ADM. <p><img src="https://www.asustor.com/images/tinymce/upload_img_20220706173415_ADM_Web_Server_Default_page.png" alt="" width="900" height="506" title="" align="" /></p> </li> </ul> <br /> <p><span style="line-height: 1.5;">Please enable the web server in ADM and ensure that port 80 or another port that is set in your router is used for the web server. It does not have to use the default port. The default port number is 80.</span></p> <ul> <li>ADM 3.5: Select <b>[Services] <span class="glyphicon glyphicon-arrow-right"></span> [Web Server]</b>.</li> <li>Select <b>[Enable Web server]</b>.</li> </ul> <p><img src="https://www.asustor.com/images/kindeditor/image/20201120/20201120124916_91333.png" alt="" width="880" height="529" title="" align="" /></p> <p><img src="https://www.asustor.com/images/kindeditor/image/20201120/20201120124936_67116.png" alt="" width="880" height="529" title="" align="" /></p> <br /> <ul> <li>ADM 4.0: Select <b>[Web Center] <span class="glyphicon glyphicon-arrow-right"></span> [Web Server]</b>.</li> <li>Select <b>[Enable Web server]</b>.</li> </ul> <p><img src="https://www.asustor.com/images/kindeditor/image/20210709/20210709072348_56677.png" alt="" width="880" height="524" title="" align="" /></p> <p><img src="https://www.asustor.com/images/kindeditor/image/20210709/20210709072413_36998.png" alt="" width="880" height="524" title="" align="" /></p> <br /> <p><span style="line-height: 1.5;">Port 80 will be used to perform domain authentication while Let's Encrypt grants and renews certificates. Please be sure that your router forward port 80 correctly to your NAS for remote connection.</span></p> </div> </div> </div> </div> <br /> <p><span style="line-height: 1.5;"><strong>STEP 1</strong></span></p> <ul> <li>Log into ADM, select <strong>[Settings] <span class="glyphicon glyphicon-arrow-right"></span> [Certificate Manager]</strong> and then click on [Add].</li> </ul> <p><img src="https://www.asustor.com/images/tinymce/upload_img_20230117172145_Certificate_manager.png" alt="" width="880" height="528" title="" align="" /></p> <br /> <p><span style="line-height: 1.5;"><strong>STEP 2</strong></span></p> <ul> <li>Enter a name for your certificate, set as default certificate and then click on [Next].</li> </ul> <p><img src="https://www.asustor.com/images/tinymce/upload_img_20230117172158_create_certificate_s1.png" alt="" width="600" height="515" title="" align="" /></p> <br /> <p><span style="line-height: 1.5;"><strong>STEP 3</strong></span></p> <ul> <li>Select <strong>[Create certificate from Let's Encrypt]</strong>.</li> <li>Install Let's Encrypt ACME Client if the app is not installed on App Central.</li> <li>Click [Next].</li> </ul> <p><img src="https://www.asustor.com/images/tinymce/upload_img_20230117172219_create_certificate_s2.png" alt="" width="600" height="515" title="" align="" /></p> <p><img src="https://www.asustor.com/images/tinymce/upload_img_20230118134055_lets_encrypt_acme_client.png" alt="" width="880" height="508" title="" align="" /></p> <br /> <p><span style="line-height: 1.5;"><strong>STEP 4</strong></span></p> <br /> <p><span style="line-height: 1.5;"><strong>ADM 5.1.2:</strong></span></p> <ul> <li>Enter the following information: <ul> <li><strong>[Domain name]</strong>: Enter the domain name registered with the domain provider. For the use of myaustor.com, you can type your Cloud id and .myasustor.com together. For example, cloudid.myasustor.com.</li> <li><strong>[Subject Alternative Name]</strong>: If this certificate needs to be used on multiple domains, please enter the names of the other domains. (Not a necessary item.)</li> <li><strong>[Encryption Algorithm]</strong>: Select the encryption algorithm for the certificate.</li> <li><strong>[Update automatically when certificates expire.]</strong>: Let's Encrypt issued certificates will expire after 90 days. By selecting this option, ADM will automatically renew the certificate before the expiration date, if domain verification is successful.</li> </ul> </li> <li>Click on [Finish].</li> </ul> <p><img src="https://www.asustor.com/images/tinymce/upload_img_20260211112945_create_certificate_s3_new.png" alt="" width="600" height="514" title="" align="" /></p> <br /> <div class="panel-group" id="accordion" role="tablist" aria-multiselectable="true"> <div class="panel panel-default"> <div class="panel-heading" role="tab" id="heading4"> <h4 class="panel-title"><a role="button" data-toggle="collapse" data-parent="#accordion" href="#collapse4" aria-expanded="true" aria-controls="collapse4"><i class="more-less glyphicon icofont-rounded-down"></i> ADM 4.0 ~ ADM 5.1.1:</a></h4> </div> <div id="collapse4" class="panel-collapse collapse" role="tabpanel" aria-labelledby="heading4"> <div class="panel-body"> <ul> <li>Enter the following information: <ul> <li><strong>[Domain name]</strong>: Enter the domain name registered with the domain provider. For the use of myaustor.com, you can type your Cloud id and .myasustor.com together. For example, cloudid.myasustor.com.</li> <li><strong>[E-mail]</strong>: Enter the e-mail address used to register for the certificate. Here you can use your NAS registration email if you want to use it with myasustor.com.</li> <li><strong>[Subject Alternative Name]</strong>: If this certificate needs to be used on multiple domains, please enter the names of the other domains. (Not a necessary item.)</li> <li><strong>[Update automatically when certificates expire.]</strong>: Let's Encrypt issued certificates will expire after 90 days. By selecting this option, ADM will automatically renew the certificate before the expiration date, if domain verification is successful.</li> </ul> </li> <li>Click on [Finish].</li> </ul> <p><img src="https://www.asustor.com/images/tinymce/upload_img_20230117172230_create_certificate_s3.png" alt="" width="600" height="515" title="" align="" /></p> </div> </div> </div> </div> <br /> <ul> <li>The Let's Encrypt certificate will be granted to ADM.</li> </ul> <p><img src="https://www.asustor.com/images/tinymce/upload_img_20230117172410_create_certificate_s4.png" alt="" width="880" height="528" title="" align="" /></p> <br /> <ul> <li>Enter the NAS URL followed by a colon and port number on your web browser to connect to your NAS through HTTPS.<br />Example: https://nasurl.myasustor.com:8001</li> </ul> <p><img src="https://www.asustor.com/images/tinymce/upload_img_20230117172248_https_ddns_url_on_browser.png" alt="" width="900" height="506" title="" align="" /></p> <br /> <p><span style="line-height: 2.0;"><span class="glyphicon glyphicon-exclamation-sign"></span> Certificates for HTTPS connections only protect DDNS external connections through DDNS. When entering the NAS URL to connect to your NAS, a colon followed by the port number found in Settings must be used to connect to your NAS. <br />Example: https://nasurl.myasustor.com:8001</span></p> <p><span style="line-height: 2.0;">Within a local network, connecting to your NAS with its local network IP through HTTPS will produce an error message informing you the connection is not secure. This is normal. To continue to ADM, you may need to override this message. In Chrome or Edge, you may need to press "<i>Continue to x.x.x.x (Unsafe)</i>" after showing advanced and in Firefox, you'll need to press "<i>Accept the Risk and Continue</i>".</span></p> <ul> <li>Chrome or Edge:</li> </ul> <p><img src="https://www.asustor.com/images/tinymce/upload_img_20240109162553_certificate_applied_not_for_IP.png" alt="" width="900" height="482" title="" align="" /></p> <ul> <li>Firefox:</li> </ul> <p><img src="https://www.asustor.com/images/tinymce/upload_img_20240110121146_certificate_applied_not_for_IP_firefox.png" alt="" width="900" height="506" title="" align="" /></p> <br /><hr /> <h3>Learn More</h3> <p><iframe width="560" height="315" src="https://www.youtube.com/embed/eBXlLV3ZPAE?si=aLL__SFV1IAhrkZR" title="YouTube video player" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" referrerpolicy="strict-origin-when-cross-origin" allowfullscreen="allowfullscreen"></iframe></p>
Publish:
Don't Publish
Publish