Page 1 of 1

Who needs an SSL in qnap?

Posted: Thu Mar 05, 2020 9:38 am
by shivchal1
Hi Folks
I'm a novice user of Qnap NAS, primarily as a file system. I don't use webserver or any other apps. However I use Qnap's "myQnapCloud" to access files remotely.
I see that when I try to access files remotely through myqnapcloud.com (and qfile App), the connection in the browser is secure.

There is not need for me to buy an SSL certificate right? My assumption is only when you use webserver in qnap or use your own domain name, you need to buy/install SSL certificates. Am I right?

Re: Who needs an SSL in qnap?

Posted: Thu Mar 05, 2020 11:46 am
by dolbyman
please use vpn only to accesss your nas

an ssl cert does nothing to pretect you from exploits and bruteforce attacks

people are still posting weekly with hacked units

so out with that nas from the web

Re: Who needs an SSL in qnap?

Posted: Tue Mar 31, 2020 8:33 am
by greensabath
I use mycloudlink to remote into my qnap as well. I do not have an SSL Cert either. I don't believe this is necessary as the mycloudlink service uses QNAP's SSL Certs.

But, I would like to know as well what services you would use an SSL Cert for. I am assuming shivchal1 is referring to the License Center App.

I would also like to know if we do not plan on using SSL certs, can we just delete the License center app. It would be one less app to have to worry about updating and keeping the unit more secure.

Re: Who needs an SSL in qnap?

Posted: Tue Mar 31, 2020 9:01 am
by dolbyman
License center is for purchased program licenses ..not for certificates

Re: Who needs an SSL in qnap?

Posted: Tue Mar 31, 2020 10:40 am
by Moogle Stiltzkin
@4:00

https://www.youtube.com/watch?v=hExRDVZHhig

What is Secure Sockets Layer (SSL)?


Secure Sockets Layer (SSL) is a standard security technology for establishing an encrypted link between a server and a client—typically a web server (website) and a browser, or a mail server and a mail client (e.g., Outlook).

SSL allows sensitive information such as credit card numbers, social security numbers, and login credentials to be transmitted securely. Normally, data sent between browsers and web servers is sent in plain text—leaving you vulnerable to eavesdropping. If an attacker is able to intercept all data being sent between a browser and a web server, they can see and use that information.

More specifically, SSL is a security protocol. Protocols describe how algorithms should be used. In this case, the SSL protocol determines variables of the encryption for both the link and the data being transmitted.

All browsers have the capability to interact with secured web servers using the SSL protocol. However, the browser and the server need what is called an SSL Certificate to be able to establish a secure connection.

SSL secures millions of peoples’ data on the Internet every day, especially during online transactions or when transmitting confidential information. Internet users have come to associate their online security with the lock icon that comes with an SSL-secured website or green address bar that comes with an Extended Validation SSL-secured website. SSL-secured websites also begin with https rather than http.
https://www.digicert.com/ssl/