Here is my setup:
- Running a web server (as well as many other services like FTP, VPN, etc.) from a home-based Synology NAS
- ISP doesn’t allow fixed IP for residential customers
- ISP blocks port 80 but not port 443
- I have a free dynamic DNS account with no-ip
- My Synology NAS does the regular updating of my IP with no-ip
- With no-ip, myname.no-ip.biz gets forwarded to my cable-modem’s IP
- With no-ip’s FREE account, under “host type”, I must choose EITHER “DNS HOST (A)” OR “Port 80 redirect”. I selected “DNS Host” so that all my ports are forwarded, but with this config, I can’t specifically redirect port 80
- A friend had a paid dyndns account and he forwards for me myname.dyndns.biz to myname.no-ip.biz:8080
- On my router, port 8080 gets forwarded to port 80 on my NAS
- My domain is registered with NetFirm, and there, I have set a URL pointer for www.mydomain.com toward myname.dyndns.biz which in return gets forwarded to myname.no-ip.biz:8080
All this works, except that when I access my NAS through various ports (or even locally at 192.168.8.20 for example) I get the very annoying Chrome warning that the connection isn’t private. Worst, my Synology NAS allows me to easily share files with a URL (that looks like https://myname.no-ip.biz:52345/sharing/12zFDQaG1 but when I send that URL to friends or customers, they get the Chrome warning that they are being hacked and they freak out.
I know Synology has “included” an automated way to add Let’s encrypt certificates within the UI, but when I do so (Control Panel --> Security --> Certificates --> Add --> Add New --> Get a certificate from Let’s Encrypt I get the error message:
“Failed to connect to Let’s Encrypt. Please make sure your DiskStation and router have port 80 open to Let’s Encrypt domain validation from the Internet”. As mentioned, port 80 is blocked by my ISP.
I do have SSH/Root access to my NAS, which is running Linux 3.10.77.
Is there a way to make Let’s Encrypt work for my setup?