Articles tagged as “tls”

Replacing the TLS certificate on a Synology NAS via the command line

Yesterday was the day that the TLS certificate of my Synology NAS expired. And since I have no monitoring to alert me, I only found out today. The bad news: HSTS was also enabled so my browser did not want to connect even though I told it to ignore the invalid certificate. The good news: I had enabled the SSH service. This allowed me to fix this situation via the command line interfaces (CLI).

OCSP Stapling in Nginx

The Heartbleed bug triggered a review of the configuration of my own web server. As a result I discovered that I had my Online Certificate Status Protocol (OCSP) stapling configured wrong. In this article I will briefly explain OCSP and OCSP stapling, what I had done wrong and what is a—as far as I now know—right way to implement OCSP stapling in Nginx.