Install Root & Intermediate Certificate Bundles on QNAP!

Unfortunately QNAP does not have Root and Intermediate Certificate Bundles, which means that no system software (such as Curl or Wget) can easily access SSL sites.

The following guide, taken partially by Stefan Wienert, allows you to install the complete bundled root certificates.

Connect via SSH to your QNAP NAS and type the following commands:

# cd /share/
# curl https://curl.haxx.se/ca/cacert.pem -O -k
# mkdir certs
# cat cacert.pem | awk 'split_after==1{n++;split_after=0} /-----END CERTIFICATE-----/ {split_after=1} {print > "certs/cert" n ".pem”}'
# cd certs
# for filename in cert*pem;do mv $filename `openssl x509 -hash -noout -in $filename`.0; done;
# cp *.0 /etc/ssl/certs/

I’ve tried in QTOS 4.2.x firmware released in May 2017 and it works perfectly.

 

0 0 votes
Article Rating
Subscribe
Notificami
guest
3 Commenti
più votati
più nuovi più vecchi
Inline Feedbacks
View all comments
Briain
06/05/2021 19:23

Hi Thank you for posting the above; it was very, very useful. In my case, I use Sophos UTM to do https inspection and thus I needed to get my own ‘dodgy’ CA installed on the Qnap. 😉 I just used gedit to edit my cacert.pem file and removed the lines above beginning and below end (lazy me), but when I tried the next part, the cert.pem resulted in an error, so I just changed that part to cacert.pem and it all worked perfectly, then I moved it into the certs directory (so the total CLI activity was as shown… Leggi il resto »

Briain
06/05/2021 19:27

Sorry, when I wrote that the cert.pem resulted in an error, I meant to write that the cert*pem resulted in an error (so I just changed that part to cacert.pem and it worked). I tried to edit my initial comment, but for some reason it won’t let me edit. All the best and thank you once again, Briain