Synology GateOne not opening anymore on Synology as being "unsafe" due to an expired certificate.

There are many many reasons why sometimes GateOne does not open correctly on Synology. One of those is the expiration of your certificate.

Click to Read More

Notice that I am using my own packaging of GateOne for Synology (to be found here). In order to run properly, GateOne needs a copy of the certificates of your Synology. My Package is taking care of that during the installation. But if the system certificate expired or is renewed, GateOne will be in trouble as long as you don't copy yourself the renewed certificate into its setup folder. The symptoms are:

If you open GateOne in a DSM window, you get this: "The webpage at xxx might be temporarily down"

If you open GateOne in a new window, you get this: "Your Connection is not private", ERR_CERT_DATE_INVALID

If you click on Advanced, you see that "this server could not prove it is xxx : its security certificate expired xxx days ago":

If you click on "Proceed to xxx (unsafe)", GateOne will open in a new window. But if opened in the DSM, it will display the following messages:

To solve this, if you didn't renew your certificates yet, do it ! Go to the "Control Panel" > "Security" > "Certificate". Select your certificates one by one and open the "Add" menu + select "Renew certificate"

An alternative is to open a SSH console (See here) and execute the command: /usr/syno/sbin/syno-letsencrypt renew-all -vv

Once the certificates are renewed, in a SSH console, execute:

  • cp /usr/syno/etc/certificate/system/default/cert.pem /var/packages/MODS_GateOne/target/ssl/cert.pem
  • cp /usr/syno/etc/certificate/system/default/privkey.pem /var/packages/MODS_GateOne/target/ssl/privkey.pem
  • /usr/syno/bin/synopkg restart MODS_GateOne

Notice: the path "/var/packages/MODS_GateOne/target" is only valid for GateOne installed with my own package. The path of the official package is probably "/usr/local/gateone/ssl/".

Synology Web Consoles to execute bash commands on Synology

I am using two different Web Consoles to execute commands on my Synology : the Web Console of Nickolay Kovalev and GateOne.

Click to Read More

Such Web Consoles are a bit easier to launch than a ssh console via Putty (See here). They can be opened directly from the DSM of your Synology. Another advantage is that the Web Console is still valid (opened) when the PC goes to out of sleep/hibernation state.

To use the Web Console of Nickolay Kovalev, install my Synology Package "MODS_Web_Console" available on my SSPKS server or on my GitHub

It is very convenient to execute basic commands. But you can't use it to run vi, ssh, and otehr commands which interact with the display, the keyboard, etc...

To use the more advanced Web Console GateOne, install my Synology Package "MODS_GateOne" available on my SSPKS server or on my GitHub

It is really powerful and secure. You can use it to open multiple ssh sessions, edit files with vi, etc...