mkdocs/docs/Synology/certificats.md

# Certificats



Tous les certificats se trouvent dans le dossier `/usr/syno/etc/certificate/_archive`, chacun dans son dossier (ici, cjN5Vb, Ks8Ngt, mqkgNA)

```bash
root@DS923:/usr/syno/etc/certificate/_archive# ls -la
total 72
drwx------ 5 root root  4096 Dec 25 15:50 .
drwxr-xr-x 9 root root  4096 Jan 14  2024 ..
drwx------ 2 root root  4096 Jan 13  2024 cjN5Vb
-rw------- 1 root root     7 Dec  8 01:49 DEFAULT
-rw------- 1 root root 23093 Dec 25 15:50 INFO
drwx------ 2 root root  4096 Nov 14 08:57 Ks8Ngt
drwx------ 2 root root  4096 Dec  8 01:49 mqkgNA
-rwx------ 1 root root 18832 Dec 25 15:48 SERVICES
-rw-r--r-- 1 root root    41 Jan 10  2024 .syno-ca-cert.srl
```



#### DEFAULT indique le certificat par défaut: 

```bash
nano DEFAULT

mqkgNA
```

```bash
root@DS923:/usr/syno/etc/certificate/_archive/mqkgNA# ls -la
total 24
drwx------ 2 root root 4096 Dec  8 01:49 .
drwx------ 5 root root 4096 Dec 25 15:50 ..
-r-------- 1 root root 2139 Dec  8 01:49 cert.pem
-r-------- 1 root root 1801 Dec  8 01:49 chain.pem
-r-------- 1 root root 3940 Dec  8 01:49 fullchain.pem
-r-------- 1 root root 3272 Dec  8 01:49 privkey.pem
```



#### INFO liste tous les certificats et leurs utilisations:

**Ks8Ngt** utilisé par Synology DSM

```json
   "Ks8Ngt" : {
      "desc" : "",
      "services" : [
         {
            "display_name" : "KMIP",
            "display_name_i18n" : "remote_key:kmip_tab_title",
            "isPkg" : false,
            "owner" : "root",
            "service" : "kmip",
            "subscriber" : "kmip"
         },
         {
            "display_name" : "Hyper Backup Vault",
            "display_name_i18n" : "HyperBackupVault:app:package_name",
            "isPkg" : true,
            "owner" : "root",
            "service" : "HyperBackupVault",
            "subscriber" : "HyperBackupVault"
         },
         {
            "display_name" : "Replication Service",
            "display_name_i18n" : "app:displayname",
            "isPkg" : true,
            "owner" : "root",
            "service" : "snapshot_receiver",
            "subscriber" : "ReplicationService"
         }
      ]
   },

```

**cjN5Vb** utilisé par Active Backup for Business

```json
   "cjN5Vb" : {
      "desc" : "Certificate created by Active Backup for Business",
      "services" : [
         {
            "display_name" : "Active Backup",
            "display_name_i18n" : "SYNO.ActiveBackup.AppInstance:app:package_name",
            "isPkg" : true,
            "owner" : "ActiveBackup",
            "service" : "ActiveBackup",
            "subscriber" : "ActiveBackup"
         }
      ],
      "user_deletable" : true
   },
```

**mqkgNA** est le certificat Let's Encrypt

```json
   "mqkgNA" : {
      "desc" : "Let's Encrypt",
      "services" : [
         {
            "display_name" : "Synology Drive Server",
            "display_name_i18n" : "SYNO.SDS.Drive.Application:app:pkg_name",
            "isPkg" : true,
            "owner" : "SynologyDrive",
            "service" : "SynologyDrive",
            "subscriber" : "SynologyDrive"
         },
         {
            "display_name" : "ds923.photos-nas.ovh",
            "isPkg" : false,
            "multiple_cert" : true,
            "owner" : "root",
            "service" : "FQDN",
            "subscriber" : "system",
            "user_setable" : true
         },
         {
            "display_name" : "photos-nas.ovh:443",
            "isPkg" : true,
            "multiple_cert" : true,
            "owner" : "root",
            "service" : "cbd90216-eab3-48ad-b957-fd11af0d558d",
            "subscriber" : "WebStation"
         },
         {
            "display_name" : "gitea.photos-nas.ovh",
            "isPkg" : false,
            "multiple_cert" : true,
            "owner" : "root",
            "service" : "12c8d3ad-54aa-4782-b929-a8be2fe56a67",
            "subscriber" : "ReverseProxy",
            "user_setable" : true
         },
         {
            "display_name" : "dockge.photos-nas.ovh",
            "isPkg" : false,
            "multiple_cert" : true,
            "owner" : "root",
            "service" : "13a1de2b-3659-44a6-9169-413b6f669684",
            "subscriber" : "ReverseProxy",
            "user_setable" : true
         },
      ],
      "user_deletable" : true
   }
}
```



#### SERVICES liste les services de DSM et les Reverses Proxy:

```bash
[
   {
      "display_name" : "KMIP",
      "display_name_i18n" : "remote_key:kmip_tab_title",
      "isPkg" : false,
      "owner" : "root",
      "service" : "kmip",
      "subscriber" : "kmip"
   },
   {
      "display_name" : "FTPS",
      "isPkg" : false,
      "owner" : "root",
      "service" : "ftpd",
      "subscriber" : "smbftpd"
   },
   {
      "display_name" : "DSM Desktop Service",
      "display_name_i18n" : "common:web_desktop",
      "isPkg" : false,
      "multiple_cert" : true,
      "owner" : "root",
      "service" : "default",
      "subscriber" : "system",
      "user_setable" : true
   },  
  {
      "display_name" : "home-assistant.photos-nas.ovh",
      "isPkg" : false,
      "multiple_cert" : true,
      "owner" : "root",
      "service" : "0aa5255b-fdb5-436b-9a7c-6cc5ad609c6e",
      "subscriber" : "ReverseProxy",
      "user_setable" : true
   },
   {
      "display_name" : "gitea.photos-nas.ovh",
      "isPkg" : false,
      "multiple_cert" : true,
      "owner" : "root",
      "service" : "12c8d3ad-54aa-4782-b929-a8be2fe56a67",
      "subscriber" : "ReverseProxy",
      "user_setable" : true
   },
   {
      "display_name" : "nmap.photos-nas.ovh",
      "isPkg" : false,
      "multiple_cert" : true,
      "owner" : "root",
      "service" : "f1a8b6b3-ec6e-45d7-a113-eb1088efa9b7",
      "subscriber" : "ReverseProxy",
      "user_setable" : true
   }
]
```