After cert renewing my connection is not trusted anymore. It worked before

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: sis.diskstation.me

I ran this command: curl -v https://sis.diskstation.me

  • Trying 195.38.100.9:443...
  • TCP_NODELAY set
  • connect to 195.38.100.9 port 443 failed: Time out
  • Failed to connect to sis.diskstation.me port 443: Time out
  • Closing connection 0
    curl: (28) Failed to connect to sis.diskstation.me port 443: Time out

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version): DSM7

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

Is this IP address correct?

Check https://ifconfig.co

2 Likes

Yes it is

HTTP does not work either though. Why would that be?

curl -v http://sis.diskstation.me
2 Likes

Yes, same problen with http.

curl -v http://sis.diskstation.me

  • Trying 195.38.100.9:80...
  • TCP_NODELAY set
  • connect to 195.38.100.9 port 80 failed: Időtúllépés a kapcsolatban
  • Failed to connect to sis.diskstation.me port 80: Time out
  • Closing connection 0
    curl: (28) Failed to connect to sis.diskstation.me port 80: Time out

Are you sure your ISP did not assign you a new IP? What does this curl show?

curl http://ifconfig.co

Also, I don't see any ports open to your current IP. Usually Synology devices show at least some port available.

I see you have 13 valid certs. So you have no trouble getting certs but have some sort of connectivity problem to your system. Maybe a Synology forum would be able to help more.

2 Likes

Hmmm but before renewing it was working. I checked again everything, my configuration is not changed.

IP address 195.38.100.9
IP address (decimal) 3274073097
Country Hungary
Country (ISO code) HU
In EU? true
Region Fejér
Region code FE
Postal code 8000
City Székesfehérvár
Latitude 47.1899
Longitude 18.4103
Timezone Europe/Budapest
ASN AS20845
ASN (organization) DIGI Tavkozlesi es Szolgaltato Kft.
Hostname 195-38-100-9.pool.digikabel.hu
User agent Mozilla/5.0
User agent: Comment (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.102 Safari/537.36
User agent: Raw Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.102 Safari/537.36

Something changed or it would be working. A fresh cert would not cause inbound connections to timeout. And, certs have no impact on HTTP connections. You will need to ask Synology why their renewal process blocked all inbound connections.

Although, I still think it most likely something changed in your router or ISP

2 Likes

The problem was on the side of my internet provider. Many thanks for your help!!

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.