Synology: Which TLS-SSL Profile Should I Choose?

Synology Which TLS-SSL Profile Should I Choose

Did you know you can choose the security level of HTTPS encrypted connections on your Synology NAS device? Do you host a WordPress website on your NAS and want to set up appropriate TLS/SSL Profile Level? In this article I will teach you how to change the TLS/SSL profile.

  • STEP 1

Please Support My work by Making a Donation.

  • STEP 2

Go to Control Panel / Security / Advanced. I strongly recommend you use Modern compatibility for your WordPress website. For example, the mariushosting.com domain name uses the Modern compatibility Profile Level. Follow the instructions in the image below.

  • Modern compatibility: Modern clients that support TLS 1.2, with no need for backwards compatibility. Only compatible with latest browsers and mobile devices.
  • Intermediate compatibility: Recommended configuration for a general-purpose server. Between the modern compatibility and the old backward compatibility.
  • Old backward compatibility: Services accessed by very old clients or libraries, such as Internet Explorer 8 (Windows XP), Java 6, or OpenSSL 0.9.8 – This option is not secure but is supported by most browsers and mobile devices.

Synology TLS SSL Profile 1

You can change the TLS/SSL Profile Level for every single one of the websites hosted on your Synology NAS by choosing “Custom Settings“. Follow the instructions in the image below.

Synology TLS SSL Profile 2

Difference Between SSL and TLS

  • SSL stands for Secure Socket Layer.
  • TLS stands for Transport Layer Security.

Do you Need to Replace Your SSL Certificate with a TLS Certificate?

No. Both SSL certificates and TLS certificates essentially mean the same thing: They’re both digital certificates that help to authenticate the server and facilitate the handshake process to create a secure connection.

How can you see which TLS or SSL version your domain has?

On the SSLLABS website you can test your domain name certificate hosted on your Synology NAS and find out which TLS/SSL version is currently in use.

Note: DSM 6.2.3 Update 2 supports TLS 1.2 as Modern Compatibility while DSM 7.0 support TLS 1.3 as Modern Compatibility.

This post was updated on Thursday / November 19th, 2020 at 11:42 PM