个人居家共享云AS1002T AS1002T v2 AS1004T AS1004T v2 AS3102T AS3102T v2 AS3104T AS3202T AS3204T AS3204T v2
竞速储备云AS4002T AS4004T AS5202T AS5304T
专业储备云AS6102T AS6104T AS6202T AS6204T AS6208T AS6210T AS6302T AS6404T AS6204RS / AS6204RD AS6212RD
企业储备云AS7004T AS7010T AS7012RD / AS7012RDX
所有产品所有产品/NAS 比较 挑选您的 NAS 停售产品 性能
配件扩充装置 遥控器 RAM 模块 机架套件 网路介面卡 摄影频道授权
NAS 选购指南什么是 NAS? 为何选择华芸 NAS?
什么是 ADM功能概述 App Central 简介 App Central 特色第三方应用程式
产品功能化繁为简的 NAS 管理 储存管理 文件传输分享 数据备份与还原 系统与数据安全 服务器架设 使用者访问控制 轻松连线 虚拟化方案 效能优化 家庭娱乐 能源效率
应用推荐家用 / 个人工作室 企业十大应用 推荐给 Mac 用户 摄影储存及备份 7步骤成为相片管理大师 全罩式备份方案 飙速10G 快意储存 NAS 选购七大招 NAS 音乐伺服器 NAS 相片储存 NAS 监控方案 NAS 资安攻略 Plex多媒体娱乐 数位狂潮杂志应用报导
行动应用程式概述 AiData AiMusic AiVideos AiMaster AiFoto AiDownload AiRemote AiSecure
桌面应用程序ASUSTOR Backup Plan ASUSTOR Control Center ASUSTOR Download Assistant ASUSTOR EZ Connect ASUSTOR EZ SyncBeta
Upon completion of this course you should be able to:
1. Install a certificate to your ASUSTOR NAS
2. Use HTTPS to ensure communication security between your NAS and client devices
Students are expected to have a working knowledge of:
HTTPS (also called HTTP over TLS, HTTP over SSL, and HTTP Secure) is a protocol for secure communication over a computer network which is widely used on the Internet. HTTPS consists of communication over Hypertext Transfer Protocol (HTTP) within a connection encrypted by Transport Layer Security or its predecessor, Secure Sockets Layer.
In its popular deployment on the internet, HTTPS provides authentication of the website and associated web server with which one is communicating, which protects against man-in-the-middle attacks.
2. Enabling HTTPS
2.1 Enabling HTTPS for the ADM management interface
Log in to ADM using an administrator account. Select [Settings] > [General] > [Management]. Select the [Enable HTTP Secure (HTTPS)] checkbox. The default HTTPS port for ADM is 8001. You may configure another port if you wish. Select the [Automatically change HTTP connections to HTTPS connections.] checkbox.
Click on [Apply] to make the configurations effective.
2.2 Enabling HTTPS for the Web server
Log in to ADM using an administrator account. Select [Services] > [Web Server]. Select the [Enable secured Web server (SSL)] checkbox. The default port for Web Server HTTPS is 443. You may configure another port if you wish.
Click on [Apply] to make the configurations effective.
There is a default ASUSTOR signed certificate built into ADM, but browsers will not trust this certificate because it is not signed by a third party. Therefore, when you connect to your ASUSTOR NAS using HTTPS, you will see a privacy error message. (Shown in the graphic below using Google Chrome as an example)
You can click on the "Proceed to…website (unsafe)" link to skip past page and log in to ADM. However, in order to correctly verify the identity of your ASUSTOR NAS and ensure secure communication, you must get a signed certificate from a trusted certificate authority and import it into ADM.
If you already have a registered domain name, and have a signed certificate from a certificate authority, you can use the following steps to import the certificate into ADM.
Log in to ADM, select [Settings] > [Certificate Manager] and then click on [Add].
Enter a name for the certificate and then click on [Next].
Select [Import your SSL private key and certificate] and then click on [Next].
Use the [Browse] buttons to select the [Private Key], [Certificate] and [Intermediate Certificate] (optional) from your local machine and then click [Finish].
3.2 Getting a certificate from Let's Encrypt
Let's Encrypt (https://letsencrypt.org/) is a free, automated, and open certificate authority (CA), that provides a trusted certificate for free to anyone who owns a domain name. Let's Encrypt issued certificates are recognizable by all Web browsers. The Certificate Manager in ASUSTOR NAS can directly connect to Let's Encrypt to generate a valid certificate and install it automatically. This helps you to enhance NAS security with an SSL connection in a fast and easy way at zero cost.
If you use ASUS router or some of the router that use 80 port by default, you have to manually go to router settings to set up 80 port with your NAS internal network IP to enable Let's Encrypt.
(You can skip this part and process to STEP 0 if you are using non-ASUS router and the 80 port is not used by default.)
Your NAS internal network IP is 192.XX.XXX which can be found in Network settings like below picture.
ASUS Router settings:
Log in to ADM, select [Services] > [Web Server] and select the [Enable Web server] checkbox. Make sure to use the default port 80.
Do not check the [Enable secured Web server (SSL)] checkbox.
Select [Settings] > [Ease of Access] > [EZ-Router] and add Web service to the [Port Forwarding] list.
If your router does not support EZ-Router, please manually go to the router management interface to configure port forwarding.
Note: Before Let's Encrypt assigns certificates, it will use port 80 to execute domain verification. Therefore, please ensure that your NAS and router have port 80 open in order to allow connections from the Internet.
Log into ADM, select [Settings] > [Certificate Manager] and then click on [Add].
Enter a name for your certificate, set as default certificate and then click on [Next].
Select [Create certificate from Let's Encrypt] and then click on [Next].
Enter the following information:
[Doman name]: Enter the domain name registered with the domain provider. For the use of Myaustor.com, you can type your Cloud id and .myasustor.com together. For example, cloudid.myasustor.com.
[E-mail]: Enter the e-mail address used to register for the certificate. Here you can use your NAS registration email if you want to use it with myasustor.com.
[Subject Alterative Name]: If this certificate needs to be used on multiple domains, please enter the names of the other domains.(Not a necessary item.)
[Update automatically when certificates expire.]: Let's Encrypt issued certificates will expire after 90 days. By selecting this option, ADM will automatically renew the certificate before the expiration date, if domain verification is successful. Please ensure that your NAS and router have port 80 opened in order to allow for certificate updates.
Click on [Finish]. The Let's Encrypt certificate will be imported to ADM.
If you use http, the webpage will not be trusted by the browsers.
You have to use https like https://cloudid.myasustor.com:8001/portal/?CCCCCC .