Domain name and certificate generation

Hello patrons trying to avoid characters with flaws but I purchased a domain from qtc a hosting platform based in America for domain and web & mail hosting.
By the way this is my posting information
Windows 10
Synology srm
Domain: [Finallyencrypt.com]
Domain site where domain was purchased [Qth.com].
I purchased a domain on good efforts to produce a legal certificate to secure my (HTTPS)Login for my Routers and Nas device , QTH is a recommended provider of Domains for lets encrypt. So I was a little disappointed because I have been experiencing problems generating an lets encrypt certificate on a supported application on synology srm os. Through my troubleshooting synology tech support said that domain provider or something in between is not sending text records of to lets encrypt so that certificate can be generated, with out txt record certificate cannot be generated which is "understandable" lol without validation you can't have nothing rite so I contact Qth and they tell me that they only offer support for web mail and that they can only issue ssl certificates for their servers only and ["We can't issue you SSL certificates for your personal devices. We can only issue SSL certificates valid for your domain (finallyencrypt.com) on our server only"]. Now this is confusing me but it really is not only synology's srm can provide valid lets encrypt certificates for their devices, so the dilemma is can "QTH" simple domains be compatible with and be used to generate ssl for [HTTPS] via synology's srm with lets encrypt certificate application generator or any other website domain application if not why are they selling domains. I'm not brilliant all the time but if a football team can fall through the cracks then a domain that is purchased has to be able to be used for purposes outside the vendor's website so you brilliant people pleeasse help me with this dilemma.

Sincerely,

The infamous rain dancer

P.S. See you soon across the finish line.

If you point your domain to your device, your device should have no problem getting a certificate using its own client.

3 Likes

I argree with @9peppe. Currently it seems your hostname resolves to an IP address of QTH. It should point to your own IP address.

Also, who has told you QTH would be a "recommended provider of Domains for lets encrypt"?

And are you the only user of your router and NAS device? Or are there multiple users? Because if you're the only user, why not just work with a long-lived self-signed certificate which is permanently added to your own client(s)?

4 Likes

That's a mess. In theory, it works. In practice, nobody ever realises how many root stores there are and how many devices they are using.

Automating ACME with publicly trusted certificates beats self signed certificates every time.

3 Likes

One phone, one desktop PC, one laptop. I know exactly how many root stores I have to think about for my own local CA :wink:

3 Likes

Each of those has an OS, has Firefox. And those devices change with time. And you can't just share a link to your Nextcloud instance, for example.

Doable, yes. Also messy.

2 Likes

Then the scope/audience of your service is different than we just discussed :slight_smile: The condition "if you're the only user" wouldn't apply any longer :wink:

4 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.