Cannot Create a New Certificate on my Synology NAS

Greetings All,
I am new to creating a new certificate for my Synology NAS.
This is a little confusing so please be patient.
I will try to clarify a little. To start with I own the domain name e2snail.com. I already have a valid free certificate for www.e2snail.com and e2snail.com. I have created a sub domain
icanhome.e2snail.com, this is the address that I have assigned for my NAS online.
Only Synology does not allow me to assign my own domain name to the device itself within the External Access panel. The only way that I have found to resolve
my issue is to create a free domain registration icanhome.hopto.org. So within
my NAS I have set the external config to icanhome.hopto.org. Then what I have
done within my DNS config I have create a CNAME record as follows.

icanhome.e2snail.com. 14400 IN CNAME icanhome.hopto.org

So when you open the URL icanhome.e2snail.com, that redirects to icanhome.hopto.org which is then directed to the NAS external IPADDRESS.

Now when I try to create a new certificate within teh NAS Security / Certificates panel.
I am asked to fill in the following details.
Domain Name: icanhome.e2snail.com
Email: lawrence@e2snail.com
Subject Alternative Name: mail.e2snail.com (I have used what is suggested by the help panel.)

The error I get when I click on Next is

"Failed to connect to Let's Encrypt. Please make sure the domain name is valid"

It is valid because I can use it without any hassles connecting to my NAS with the Synology standard certificate.

My domain is: www.e2snail.com

I ran this command: All commands are carried out from the Synology Control Panel.

It produced this output: The error shown above. Cannot connect.

My web server is (include version): Running from the Synology Nas.

The operating system my web server runs on is (include version): Synology.

My hosting provider, if applicable, is: N/A

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): Yes

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

Thanks
Lawrence

Have you forwarded port 80 on your modem/router to your Synology device?

It's not accessible from the internet:

1 Like

If that still fails, then please provide the version of DSM and the contents of file: /etc/nginx/nginx.conf

Guys

Thanks for the follow up but in the mean time I found the following page that after a DNS update sorted things out.

Thanks
Lawrence

2 Likes