This is the correct and complete answer, however there is one additional wrench to throw in. When you set up a FQDN that points to a non-routable private IP, there is a security concern that is raised, namely DNS Rebinding. If you read that article, the first protection technique that is used is a complete disabling of the mechanism that unraid utilizes to provide a valid FQDN with the accompanying SSL cert. So, to get unraid's FQDN SSL cert to work, you have to disable some or all of the rebind protection of your local DNS, hopefully by just adding an exception for unraid.net. That is router dependent, so unraid can't really do a whole lot to help get it working for everybody.