Cannot Recover Certificate (lost when trying to get it to work properly)

My domain is:

This relates to my Synology Disk Station DS214Play runing DSM 6.2.1-23824 Update 6

I am trying to use Photo Station and Audio Station

I access this via Windows 10 PC and android

Hello all. I’m not feeling very proud here as I seem to ave cocked up my DSM pretty effectively and need some guidance.

I use the DSM as home file server without difficulty.

I have always found Photo Station and Audio Station unreliable to access via Android because of the invalid certificates - initially using Synology self-signed certs. My family were getting browser alerts about security. Each person had to install ‘exceptions’ in each browser - this is getting harder and harder to do.

I used the built-in ‘Let’s Encrypt’ ‘wizard’ on the DSM. Same problem. Now the certificate.

I lost all access to these features after removing software that I had thought unrelated and had to re-install DSM. In this process I lost my ‘Let’s Encrypt’ certificate.

So, I have three problems to solve:

a) Can I recover my certificate or should I request a second one? If I request a second one, will I fall foul of the limitations of free certificates (i.e. should I revoke the validity of the lost certificate - and how?).

b) Whether I recover or replace my certificate, how do I get it to be automatically recognised as valid by browsers. Is ‘Let’s Encrypt’ able to achieve this?

c) The above domain name is a Synology DDNS domain. Is this a valid domain name for a certificate?

Thanks for your patience. Any help gratefully received,


Hi @AlanGaughran

there are a lot of older certificates ( ):

CertSpotter-Id Issuer not before not after Domain names LE-Duplicate next LE
879262945 CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US 2019-04-24 18:04:26 2019-07-23 18:04:26 - 1 entries
791369350 CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US 2019-03-03 11:39:38 2019-06-01 11:39:38 - 1 entries
791185697 CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US 2019-03-03 08:15:23 2019-06-01 08:15:23 - 1 entries
791193949 CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US 2019-03-03 08:14:55 2019-06-01 08:14:55 - 1 entries

But that looks ok.

One thing is curious. I've expected a self signed Synology certificate. Instead there is a self signed

	CN=Vigor Router, OU=DrayTek Support, O=DrayTek Corp., 
L=HuKou, S=HsinChu, C=TW
expires in 10052 days	

router certificate.


Create one new Letsencrypt certificate.

The domain looks ok. Is this

Host T IP-Address is auth. ∑ Queries ∑ Timeout A yes 1 0
AAAA yes A yes 1 0
AAAA yes

your ip address? If yes, that should work.

The bigger problem: If the router comes with it's own certificate, the router is the problem, not the DSM.

Perhaps there is an option that the router doesn't use it's own certificate, instead a direct port forwarding

port 443 extern -> port 443 intern.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.