What can I do if a certificate error occurs when playing videos on Synology mobile apps?

What can I do if a certificate error occurs when playing videos on Synology mobile apps?

Symptoms

If you sign in to Synology mobile applications with the HTTPS checkbox ticked, certificate errors might occur for security reasons when you play videos.

Diagnosis

To play videos over HTTPS, you need to configure port forwarding and acquire a valid SSL/TLS certificate. Even if you sign in to Synology mobile applications with a QuickConnect ID and enable HTTPS, you cannot play videos over HTTPS without a valid certificate. Under this circumstance, you can play videos only over HTTP.

Resolution

If you wish to have a secure HTTPS login and play videos, please follow the instructions below to configure both port forwarding and application settings.

Configure port forwarding

Port forwarding allows remote access to your Synology NAS. Once port forwarding is correctly configured, you can access your Synology NAS using a domain name anywhere.

  1. Buy a domain or register for a Synology DDNS hostname for free.
  2. Set up port forwarding rules on your router. Default HTTP/HTTPS ports of Synology video player applications are listed in the table below.

 

DS video
DS photo
DS file
Synology Moments
Synology Drive
Synology Photos
HTTP
5000
80
5000
5000
5000
5000
HTTPS
5001
443
5001
5001
5001
5001

 

  1. Get a free SSL/TLS certificate automatically from Let's Encrypt. You cannot play videos over HTTPS without a valid certificate.1

Configure application settings

After setting up port forwarding, please return to the application's page to configure settings according to your requirements.

If you wish to have a secure HTTPS login and play videos over HTTPS:

  1. Sign in to Synology applications with your custom domain name or Synology DDNS hostname.2
  2. Tick the checkbox of HTTPS on the login page.

If you wish to have a secure HTTPS login but lack a valid certificate:

  1. Sign in to Synology applications using your QuickConnect ID, custom domain name or Synology DDNS hostname.
  2. Tick the checkbox of HTTPS on the login page.
  3. Go to the settings page.
  4. Enable Play Video over HTTP (for DS video, DS file, and Synology Drive)/ Play content over HTTP (for DS photo, Moments, and Synology Photos).
  5. Enter the correct HTTP port number.

Notes:

  1. If your DSM version is 6.2.2 or above, a certificate from Let's Encrypt will be automatically generated after you register for a Synology DDNS hostname.
  2. QuickConnect ID is not valid for playing videos over HTTPS.
  3. If the network environment does not allow port forwarding setup:
    1. Sign in to the Synology applications using your QuickConnect ID.
    2. Untick the checkbox of HTTPS upon login.

Further reading

  1. You can refer to the following articles for more information on external access to Synology NAS:
    1. How to make Synology NAS accessible over the Internet
    2. What network ports are used by Synology services?
Symptoms
Diagnosis
Resolution
Configure port forwarding
Configure application settings
Further reading