Can't create certificate for my domain

Help
1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
gayler.uk

I ran this command:
"Get a certificate from Let's Encrypt" via DSM Security tool on a Synology NAS.

It produced this output:
Failed to connect to Let's Encrypt. Please make sure domain name is valid

My web server is (include version):
Synology Web Station (Synology DSM 6.3.2)

The operating system my web server runs on is (include version):
Synology DSM 6.3.2

My hosting provider, if applicable, is:
NAMESCO

I can login to a root shell on my machine (yes or no, or I don't know):
I don't know

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
N/A

2 Likes
2

Hi @BillG

your configuration can't work, see the check - https://check-your-website.server-daten.de/?q=gayler.uk

Domainname Http-Status redirect Sec. G
http://gayler.uk/ 5.71.31.45 -14 10.017 T
Timeout - The operation has timed out
http://www.gayler.uk/ 5.71.31.45 -14 10.030 T
Timeout - The operation has timed out
https://gayler.uk/ 5.71.31.45 No GZip used - 895 / 1474 - 60,72 % possible Inline-JavaScript (∑/total): 2/0 Inline-CSS (∑/total): 1/610 200 Html is minified: 174,44 % 2.770 N
Certificate error: RemoteCertificateNameMismatch
small visible content (num chars: 114)
Web Station has been enabled. To finish setting up your website, please see the "Web Service" section of DSM Help.
https://www.gayler.uk/ 5.71.31.45 No GZip used - 895 / 1474 - 60,72 % possible Inline-JavaScript (∑/total): 2/0 Inline-CSS (∑/total): 1/610 200 Html is minified: 174,44 % 2.540 N
Certificate error: RemoteCertificateNameMismatch

https answers.

But http has a timeout.

If you want to use http validation, an open and working port 80 / http is required.

Open your firewall or / and configure your router, so the DSM answers port 80.

3 Likes
3

That seems to indicate that the NAS can not reach LE.
Make sure it has outbound access for DNS and HTTP(S) as well.

2 Likes
4

Wow Juergen that was unbelievably fast support and exactly the right solution. Wasn't aware from the Synology docs I had to have port 80 open.

11/10 for customer service. Thanks!

3 Likes
5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.