Can't create certificate for my domain

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:
"Get a certificate from Let's Encrypt" via DSM Security tool on a Synology NAS.

It produced this output:
Failed to connect to Let's Encrypt. Please make sure domain name is valid

My web server is (include version):
Synology Web Station (Synology DSM 6.3.2)

The operating system my web server runs on is (include version):
Synology DSM 6.3.2

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):
I don't know

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):


Hi @BillG

your configuration can't work, see the check -

Domainname Http-Status redirect Sec. G -14 10.017 T
Timeout - The operation has timed out -14 10.030 T
Timeout - The operation has timed out No GZip used - 895 / 1474 - 60,72 % possible Inline-JavaScript (∑/total): 2/0 Inline-CSS (∑/total): 1/610 200 Html is minified: 174,44 % 2.770 N
Certificate error: RemoteCertificateNameMismatch
small visible content (num chars: 114)
Web Station has been enabled. To finish setting up your website, please see the "Web Service" section of DSM Help. No GZip used - 895 / 1474 - 60,72 % possible Inline-JavaScript (∑/total): 2/0 Inline-CSS (∑/total): 1/610 200 Html is minified: 174,44 % 2.540 N
Certificate error: RemoteCertificateNameMismatch

https answers.

But http has a timeout.

If you want to use http validation, an open and working port 80 / http is required.

Open your firewall or / and configure your router, so the DSM answers port 80.


That seems to indicate that the NAS can not reach LE.
Make sure it has outbound access for DNS and HTTP(S) as well.


Wow Juergen that was unbelievably fast support and exactly the right solution. Wasn't aware from the Synology docs I had to have port 80 open.

11/10 for customer service. Thanks!


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.