Thanks for your answer.
Indeed I have a website and some subdomains that have SSL working as i have created them on my provider interface (infomaniak).
But now i have created a subdomain on my provider that redirect with Dynamic DNS to my Synology IP.
And this subdomain is not recognized n’y let’s encrypt…
This time i made the demand through my NAS interface, not on Infomaniak Interface.
If I’m understanding correctly, you have a subdomain that is redirected to an internal network attached storage. Have you tried installing and serving a copy of the newest certificate directly from there? Since the certificate is a wildcard (*.) it should match the subdomain and thus be legitimized. Basically what I think I’m saying is that you have a valid cert for your subdomain and just need to install it (and its private key) on the device serving the subdomain. No need to get a new certificate.
The cert I am referring to has serial number 03:8c:ed:75:cd:1d:a2:b1:c4:cb:2d:07:7e:7c:0b:37:94:81 and expires on 11/12.
The certificate and private key are usually located in separate folders under a common folder. Often the filenames of both begin with your domain name. The certificate filename frequently ends in “.crt” while the key filename frequently ends in “.key”. Sometimes other extensions are used for both (eg “.pem”). It depends upon your system and the software managing the ssl for your webserver. There is also often a folder containing a ca certificate file.
If you open the certificate file, it should be text that begins with “-----BEGIN CERTIFICATE-----”. Similarly, if you open the private key file, the text will likely begin with “-----BEGIN RSA PRIVATE KEY-----”.
I’m noticing that enzomuhlinghaus.com is down for maintenance. Is this related to your certificate? By the by, you can always get a certificate issued solely for vtt.enzomuhlinghaus.com if it simplifies things (much like the one for foundry.enzomuhlinghaus.com). Acquiring the certificate can be performed by the same system that is handling enzomuhlinghaus.com using the same type of DNS challenge used for obtaining a certificate for *.enzomuhlinghaus.com. I state this in case there’s a security/isolation concern regarding copying the wildcard *. certificate.
It seems that the certificate being served by enzomuhlinghaus.com is also the old certificate (serial number 04:9a:36:22:f0:ab:46:65:70:ec:7c:64:41:20:7a:db:2b:d5). That certificate is still valid, but doesn’t include the wildcard *. or vtt.enzomuhlinghaus.com. It looks the the correct certificate (serial number 03:8c:ed:75:cd:1d:a2:b1:c4:cb:2d:07:7e:7c:0b:37:94:81) was generated but never installed anywhere.