Page 1 of 1

[HOW-TO] Replace SSL Certificate using

Posted: Tue Sep 15, 2020 12:36 am
by FNLLC459
Hello everyone,
I recently struggled to get an existing Certificate on a new TS-672N, Version I was receiving "The Certificate is Illegal" error message. Turns out I was not using the correct Private Key.
The TS-672N is a replacement unit for an old TS-459 Pro II which had a Certificate from
I wanted to share the steps I used to complete this process in hopes that it helps others.

01.) Create a sub-folder in any shared folder (i.e. Public\SSL)

02.) SSH into the QNAP

03.) Change directory to new sub-folder
cd /share/CACHEDEV1_DATA/Public/SSL (Case Sensitive)

01.) Purchase Certificate from SSLs or Re-Key (STEP 1)

02.) STEP 2, Create CSR & Key
Choose Enter CSR
Copy "Create CSR In A Command Line"

03.) Paste into QNAP SSH session (Step 3 above)

04.) Open CSR file in /Public/SSL folder on the NAS

05.) Copy the entire Certificate Request (including the BEGIN and END Lines)
Paste into the "Enter CSR" box on SSLs website

06.) Confirm access to SSL Domain

07.) Wait for and open Domain Control Validation Email and following instructions

08.) Wait for and open the SSL Certificate Email
Save & Extract the contents of the attached ZIP file

09.) Import the certificate file on the NAS: (Control Panel -> Security -> Certificate & Private Key)
Click Replace Certificate, select Import Certificate
Certificate = *.crt file (Use the *.crt file from the SSL Certificate Email)
Private Key = *.pem file (Use the *.pem file created in step 3, located in /Public/SSL)
Intermediate Certificate is Optional
Click Apply

10.) Logout & Close the web page
Re-open the NAS web page using the SSL Domain, check for proper Certificate in the web browser
Check Certificate properties on the NAS (Control Panel -> Security -> Certificate & Private Key)