October 1st, 2024

Tailscale HTTPS Certificate on Synology NAS

Simmo Saan explains how to secure access to a Synology NAS using Tailscale, detailing the use of an undocumented command for HTTPS certificates and automating renewal every 90 days.

Simmo Saan discusses using Tailscale to secure access to a Synology NAS that was previously exposed to the internet. After the switch, the NAS needs an HTTPS certificate for its Tailscale domain, and the existing method of obtaining Let's Encrypt certificates is no longer viable because the NAS is not publicly accessible. The article highlights the undocumented command `tailscale configure synology-cert` as the most effective solution for obtaining these certificates. The author provides a step-by-step guide for setting up Tailscale on the Synology NAS, including creating a scheduled task to automate the renewal of the certificates every 90 days. Users are instructed to navigate to the Control Panel in Synology DSM to set up the task, ensuring that the Tailscale command runs under the root user. After running the task, users can manage the new certificate through the Synology DSM interface and set it as the default certificate for various services.

- Tailscale enhances security for accessing Synology NAS remotely.

- The undocumented command `tailscale configure synology-cert` simplifies certificate management.

- A scheduled task can automate the renewal of HTTPS certificates every 90 days.

- Users must run the Tailscale command as the root user for proper functionality.

- The guide provides a clear step-by-step process for setup and management.
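
A wrapper for the scheduled task described above, as an added example that is not from the original article: it runs the renewal command and then checks that the certificate the NAS actually serves still has a safety margin before expiry. `NAS_HOST`, `NAS_PORT`, `MIN_DAYS` and the function names are assumptions; only `tailscale configure synology-cert` comes from the page.

```shell
#!/bin/sh
# Added example: renew, then verify the certificate the NAS really serves.
# Assumptions: host/port values are placeholders and openssl is installed.
NAS_HOST="${NAS_HOST:-nas.example.ts.net}"   # placeholder Tailscale domain
NAS_PORT="${NAS_PORT:-5001}"                 # assumed DSM HTTPS port
MIN_DAYS="${MIN_DAYS:-30}"                   # assumed safety margin in days
RENEW_CMD="${RENEW_CMD:-tailscale configure synology-cert}"

# Print the leaf certificate served at host:port as PEM.
fetch_served_cert() {
    openssl s_client -connect "$1:$2" -servername "$1" </dev/null 2>/dev/null |
        openssl x509 -outform PEM 2>/dev/null
}

# Read a PEM certificate on stdin; succeed only if it parses and is still
# valid $1 days from now. Unreadable input counts as failure (fail closed).
pem_valid_for_days() {
    openssl x509 -noout -checkend "$(( $1 * 86400 ))" >/dev/null 2>&1
}

# Run the renewal, then confirm the served certificate has MIN_DAYS left.
# Returns 2 if the renewal command fails, 1 if the served certificate is
# missing or too close to expiry, 0 otherwise.
renew_and_verify() {
    if ! $RENEW_CMD; then
        echo "renewal command failed" >&2
        return 2
    fi
    if ! fetch_served_cert "$NAS_HOST" "$NAS_PORT" | pem_valid_for_days "$MIN_DAYS"; then
        echo "served certificate for $NAS_HOST expires within $MIN_DAYS days" >&2
        return 1
    fi
    echo "certificate for $NAS_HOST valid for at least $MIN_DAYS more days"
}

# Act only when called with "run", so the functions can be sourced and tested.
if [ "${1:-}" = "run" ]; then
    renew_and_verify
fi
```

Run as root with the argument `run`, it exits non-zero when renewal fails or when the renewed certificate has not been assigned to the service, so a failed run is visible in the scheduler instead of surfacing as an expired certificate.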

2 comments
By @rPlayer6554 - 6 months
I do this for my parents, but it's a pain in the butt how often it expires. Every few months I get a call and I have to manually SSH in and fix it. There is no auto renewal. I guess I could set up a script, but I wish Tailscale itself could do it.
By @mfkp - 6 months
I opted to use Cloudflare tunnels for this, using a cloudflared Docker container running on the NAS. SSL is handled automatically through Cloudflare, and it's free.