Action required: Let's Encrypt certificate renewals


#1

Hi dear helpers
I’ve received the email speaking about the “certificate renewals breaking”

I don’t understand much about these things but if you tell me exactly where to search, I’ll do my best to give you all the information you need.

First, my server is a NAS Synology DS718

My domain is: https://twiners.fr/
I ran this command: I didn’t run any command. What command? Where? Like a PUTTY command?
It produced this output: No command, no output

My web server is (include version): Webstation(?) version 2.1.6-0146
The operating system my web server runs on is (include version): DSM(?) version 6.2.1-23824 Update 4

My hosting provider, if applicable, is: OVH(?) France

I can login to a root shell on my machine (yes or no, or I don’t know): Yes, I can connect to my server using PUTTY and a root account. Is this the reply you expected?

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): I guess no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): I have no idea about that question!

I hope it helps for a start,
but again please tell me where to search so I can provide detailed answers.
Hope to hear from you soon.


#2

Hi @rvga

ignore the mail.

Synology has it’s own integrated system. They had used tls-sni in some situations, now they remove it.

Only thing: You need an open port 80. But your port 80 ( https://check-your-website.server-daten.de/?q=twiners.fr )

is already open, the test has the correct result 404.


#3

Hi Juergen thx for your fast reply,

Ok, but in the meantime I’ve created 2 other certificates that uses LetsEncrypt as shown in the attached screenshot. So should I do something?

You’ve mentioned that I need an open port 80.
And then you wrote that my port 80 is already open.
I am confused.
Is it good or not?
Should I do something with this port 80?


#4

So there is no problem.

If you have now the idea to close the port, then renew may not work.

Renew via http 01 validation works if you have an open port 80.


#5

I understand that every thing is fine for me and my system.
Thx Juergen for your time and support, I appreciated.