Certificate updated in Synology but Chrome still has old dates

My domain is: https://mcquarrieb.synology.me:5001/

I ran this command:
Updated certificate using Synology Control Panel - Security - Certificate. It appeared to renew successfully.

It produced this output:
It appeared to renew successfully but when I connect via Chrome it says NET::ERR_CERT_DATE_INVALID and when I check it shows the old dates before I renewed

My web server is (include version): Synology DS218+

The operating system my web server runs on is (include version): DSM 6.2.2-24922 Update 3

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):
Don’t know

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

1 Like

Hi @Barbara1

checking your domain there is an expired certificate - https://check-your-website.server-daten.de/?q=mcquarrieb.synology.me%3A5001

You have created some new certificates:

Issuer not before not after Domain names LE-Duplicate next LE
Let's Encrypt Authority X3 2019-10-13 2020-01-11 mcquarrieb.synology.me
1 entries
Let's Encrypt Authority X3 2019-10-13 2020-01-11 mcquarrieb.synology.me
1 entries
Let's Encrypt Authority X3 2019-10-12 2020-01-10 mcquarrieb.synology.me
1 entries
Let's Encrypt Authority X3 2019-10-12 2020-01-10 mcquarrieb.synology.me
1 entries
Let's Encrypt Authority X3 2019-10-06 2020-01-04 mcquarrieb.synology.me
1 entries
Let's Encrypt Authority X3 2019-07-09 2019-10-07 mcquarrieb.synology.me
1 entries

But the old, expired certificate is used:

CN=mcquarrieb.synology.me
	09.07.2019
	07.10.2019
13 days expired	mcquarrieb.synology.me - 1 entry

Did you restart the webserver port 5001?

1 Like

I restarted the Synology Diskstation (several times) but not specifically port 5001 (not sure how to do that).

1 Like

Checking your main domain ( https://check-your-website.server-daten.de/?q=mcquarrieb.synology.me ) there is the same expired certificate.

And a lot of Synology content.

Is it possible to restart that nginx? Or do you have something like a “list of certificates created” in your Diskstation?

Normally, that should work. That Letsencrypt client is a “closed world”. Is there an update?

I’m afraid I don’t know anything about nginx and this is the only mention in Synology Help

To customize the “Server” header in the HTTP responses:

1. Tick Enable the “Server” header in HTTP responses.

  1. Specify a header for your web server (e.g. nginx).
  2. Click Apply.
    which doesn’t look relevant.

There was one other certificate showing on the Certificate page which I assumed was inactive as the one I use is the default, but I deleted it anyway in case it was confusing things. Restarted the DiskStation but still showing Not Secure. There doesn’t seem to be any facility to dig into the certificate detail any further or troubleshoot.

I therefore assume the problem lies with Synology? If so I will try their community.

Many thanks for your help.

Barbara

PS Sorry, forgot to confirm everything is up to date.

Yes, that's a good idea. Such a "closed world client" should work. If not, looks like a bug.

Did you clear your browser cache?

Good question - I didn’t! Though just tried and still seem to have the problem.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.