Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: syna.ward-kirkwood.com & ward-kirkwood.synology.me
I ran this command: N/A - letsencrypt is attempting to renew SSL Certificate
It produced this output: email from Let’s Encrypt Expiry Bot
My web server is (include version): N/A - Synology Audio Station
The operating system my web server runs on is (include version): N/A - Synology DS
My hosting provider, if applicable, is: N/A
I can login to a root shell on my machine (yes or no, or I don’t know): Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): N/A
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): N/A
I configured my Internet Router to Port Forward TCP Ports 80 & 443 to my Synology NAS to install a SSL Certificate from Let’s Encrypt. My Home Automation Hub requires that TCP Port 80 is forwarded to it. As far as I am aware, it is not possible to Port Forward TCP Port 80 to multiple IP addresses.
I have read a number of people referring to issues with TCP Port 80.
My questions are:
- Does Let’s Encrypt require both TCP Port 80 and Port 443 to renew its SSL Certificate?
- If so, why both TCP Ports - why not just one (selectable by the user)?
- Why doesn’t Let’s Encrypt either use TCP Ports above 1024 rather than use the standard HTTP and HTTPS TCP Ports?
- Why doesn’t Let’s Encrypt permit its users to select the TCP Ports used for SSL Certificate renewal?
If I can have positive responses to these questions, it would be worth me to move from using your Free SSL Certificates to paying for them.
Many thanks and best regards
Joe.