Connection refused after installing DSM 6.0 Beta

After installing the newly released DSM 6.0 beta for Synology NAS, I was unable to reach the DSM again. My Chrome browser showed “Connection refused”. Not really a good start for beta testing new software. connection-refused

Luckily SSH is still up. Since DSM running on nginx, it’s straightforward to look for some error log in the nginx error log.

1
$ cat /var/log/nginx/error.log

shows following log records

1
2015/10/14 21:08:31 [emerg] 9040#9040: PEM_read_bio_X509_AUX("/usr/syno/etc/ssl/ssl.chain.crt/server.crt") failed (SSL: error:0906D066:PEM routines:PEM_read_bio:bad end line)

in the file /usr/syno/etc/ssl/ssl.chain.crt/server.crt I found a weird certificate formatting

1
2
3
4
5
6
...
ImqVevbi0ntIdiu3OBL0NuuHNw7N1kKkXTBIZnswp3mxOVSqDrEchULLW8fyawVX
lBOEu1QErxKSjwvlkQ==
-----END CERTIFICATE----------BEGIN CERTIFICATE-----
MIIF2TCCA8GgAwIBAgIHFxU9nqs/vzANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQG
...

There’s a missing newline between the chained certificate. Put a new line between the certificate and restart nginx.

1
2
3
4
5
6
7
...
ImqVevbi0ntIdiu3OBL0NuuHNw7N1kKkXTBIZnswp3mxOVSqDrEchULLW8fyawVX
lBOEu1QErxKSjwvlkQ==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIF2TCCA8GgAwIBAgIHFxU9nqs/vzANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQG
...

and restart nginx

1
$ synoservicecfg --restart nginx

Tadaaaa… DSM is available again.

4 thoughts on “Connection refused after installing DSM 6.0 Beta”

  1. Hi how do you edit the cert file and after how do you save changes, i’m a noob at ssh, can you give me step by step instructions please 🙂

    1. Hi Scott, have you ever activated Terminal/SSH service in DSM before? are you on Windows or Mac/Linux? if you’re on windows, search for putty. If you’re on Mac/Linux run Terminal. Then try to run following command in Putty or Terminal

      ssh root@SYNOLOGY_IP

      if it works, it will ask for you password. The password is the same with the password of admin user.

      If you don’t have Terminal/SSH service activated on DSM, then please see http://forum.synology.com/enu/viewtopic.php?f=260&t=105758&start=30

      1. hey thanks for getting bck, I’v been on syno forum and get how to open the ssl file but I don’t know how to save it after modifying it :(, at the min all I have is the synology ssl on my nas on 5.2 I had a startssl that worked perfectly, I want to re apply this cert, but afraid I get error again on gui, I have ssh enabled

Leave a Reply

Your email address will not be published. Required fields are marked *