Can't renew certificate


#1

My domain is: no domain, just server IP: 86.63.73.169

I ran this command: I do not run any commands. I have qnap server, i simply click on “renew certificate”

It produced this output: authentication failure, check dns or if port 80 works

My web server is (include version): QNAP 4.3.4.0752?

The operating system my web server runs on is (include version): QNAP 4.3.4.0752?

My hosting provider, if applicable, is: none, its a physical server in the company.

I can login to a root shell on my machine (yes or no, or I don’t know): Yes, I am administrator and can log in, I am the only one that takes care of the server, I once got Lets Encrypt certificate, can’t remember how, now it won’t renew on itself.

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): I am logging into server directly through IP and use QNAP control panel.

I always used to set in the company PPPoE connection for users, but i red it is tottaly unsecure and I somehow got the certificate and set all PCs to work, but certificate got outdated and I think I should get a new one but I can’t :confused:


#2

Hi @Sawpel,

Let’s Encrypt certificates have never been available for bare IP addresses, only for domain names. If you were previously using a Let’s Encrypt certificate, it must have been requested and issued for some domain name.


#3

Ok, I just realized my mistake.

I can log through IP to administrator panel, but users log in through some kind of client installed on pc that sets connection. It works by using 3 files generated on QNAP. One of them “SSLcertificate” comes with a domain probably: “ekotop.myqnapcloud.com


#4

If so, it has been a long time since your certificate was valid:

https://crt.sh/?Identity=ekotop.myqnapcloud.com&iCAID=16418

The most recent certificate for that site expired back in March.

If you’re aware of that but this is the certificate that you’re trying to renew now, the first problem to look into is that ekotop.myqnapcloud.com is no longer a publicly-visible DNS name (the DNS servers time out when asked about it). If you’re on a private LAN or WAN and have custom DNS or hosts files, people on your own network might not be aware of this, but in order to get a publicly-trusted certificate, the names (or at least some associated DNS TXT records) have to be publicly-visible in DNS. But yours isn’t at the moment.


#5

Shame on me :confused: I know this, i just did not have time to take care of it.

How do I change my DNS so it will be publicity-visible? Is it something i should do on my server?


#6

It looks like the entire myqnapcloud.com is down in its entirety. Do you know who’s responsible for running that?


#7

Ha, that was it, it renewed :smiley: Thank you SO MUCH!

Me, I am responsible, i do not remember why I turned it off and why :confused: