SSL without Domain name? Certificates?

    • SSL without Domain name or certificates

      I'm setting up an OMV NAS to replace my Netgear ReadyNAS. Currently, I've been trying to configure SSL, something I've never done before.

      From what I've read, an SSL certificate is associated with a domain name. This presents my first problem. Currently I use two free dynamic DNS host names from noip with the ReadyNAS. But both are used solely for WebDAV and point to a share devoted to WebDAV access. I expect they'll be used the same way on the new NAS, and I don't really need a domain name for points higher up in the file system hierarchy. That is, unless I do need one to implement SSL for OMV. Right now, while I'm still configuring the new server, using its local network IP address is perfectly fine. To configure SSL do I need to associate a domain with the NAS drive's IP address, or can I just use the IP address without a domain name and still use SSL?

      Just to be clear, noip provides several domain names to choose from, but the user must provide another name to construct a host name. This really the only thing the user "owns." For example, noip might offer a domain name of "foo.net," and the user could then use "bar" to create a host name of bar.foo.net. If the user were to use this as the domain for the SSL, it would not strictly speaking be a domain name. OTOH, if the user only used "foo.net," then this would be a domain shared by hundreds of other, anonymous users.

      FWIW, I do realize that once the NAS is up and running, if I want to administer the NAS drive from outside the local network, I'll need a dynamic DNS because my ISP uses DHCP to assign IP addresses to my router.

      Second, when I've looked online for a free SSL, I've seen sites that also require an email address associated with the domain. But I don't run an email server on my NAS, so even if I got a domain name for it, I still wouldn't have an email address using the domain. What's the story with this?

      Third, thus far I've had no luck using SSL certificates in OMV. I've tried:
      • The self-sign certificate method described here
      • and the LetsEncrypt plugin method described here. [It asks for both the domains to use and the root directory of the Internet-facing webserver. I have no idea what directory I should use. And for now, I'd prefer the IP address over a domain.]
      Maybe these haven't worked because the NAS drive doesn't have a domain name. But even if I were to plan to give it a domain name, I wouldn't want to do so yet because the machine is not properly configured and still has several security issues. I want to configure it before making reachable from outside my local network. What's the best way to do this?

      Thanks.

      The post was edited 2 times, last by Swampy: 1) To clarify nature of post (you can't have SSL without certificates. To add explanation why LetsEncrypt doesn't work. 2) To distinguish between host and domain names and to clarify the I don't really have my own domain names. ().