NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Utlover
Feb 15, 2008Aspirant
Any way to get rid of certificate error using Netgear/Jalbum
I followed the instructions from the How to section to setup my ReadyNas Nv+ to act as a webserver and it works flawlessly. So far, so good. The only problem I have is the certificate error which I ca...
CharlesLaCour
Dec 28, 2008Aspirant
When you add the exception to FireFox what you are doing is telling FireFox that it is OK to trust the certificate from your ReadyNAS. I would assume that you trust your ReadNAS so it is OK to add the exception.
In general FireFox is designed to be more secure than IE.
If you want to go as far as to enable ssh and enable ssh to root, which may cause Netgear to note support your device, you can replace your certificate.
First create a config file named readynas_ssl.conf with the following:
Replace the XX values with the info you want, it really doesn't matter since you are not going to have it signed by a CA. Replace the NAS_FQDN with the fully qualified name for your ReadyNAS. If you want to have multiple names for your ReadyNAS replace the NAS_Name1 and NAS_Name2 with the namesyou want. If you are going to only use one name remove the "subjectAltName" line and all of the lines after it.
In the same directory that you just created the readynas_ssl.conf file run the following commands:
Now make a backup of the existing certificate file:
Now replace the existing certificate:
Now restart Apache or just reboot the ReadyNAS.
In general FireFox is designed to be more secure than IE.
If you want to go as far as to enable ssh and enable ssh to root, which may cause Netgear to note support your device, you can replace your certificate.
First create a config file named readynas_ssl.conf with the following:
[ req ]
default_bits = 2048
default_md = sha1
#default_keyfile = key1
distinguished_name = req_distinguished_name
prompt = no
string_mask = nombstr
req_extensions = v3_req
[ req_distinguished_name ]
countryName = US
stateOrProvinceName = XX
localityName = XX
organizationName = XX
organizationalUnitName = XX
emailAddress = XX
commonName = NAS_FQDN
[ v3_req ]
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment, dataEncipherment
subjectAltName = @alt_names
[ alt_names ]
DNS.1 = NAS_Name1
DNS.2 = NAS_Name2
Replace the XX values with the info you want, it really doesn't matter since you are not going to have it signed by a CA. Replace the NAS_FQDN with the fully qualified name for your ReadyNAS. If you want to have multiple names for your ReadyNAS replace the NAS_Name1 and NAS_Name2 with the namesyou want. If you are going to only use one name remove the "subjectAltName" line and all of the lines after it.
In the same directory that you just created the readynas_ssl.conf file run the following commands:
openssl genrsa 2048 > readynas.key
openssl req -new -x509 -nodes -sha1 -days 365 -key readynas.key -config readynas_ssl.conf > readynas.cert
cat readynas.cert readynas.key > readynas.pem
Now make a backup of the existing certificate file:
cp /etc/frontview/apache/apache.pem /etc/frontview/apache/apache.pem.orig
Now replace the existing certificate:
cp readynas.pem /etc/frontview/apache/apache.pem
Now restart Apache or just reboot the ReadyNAS.
Related Content
NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!