Failed to connect to let’s encrypt. Please make sure the domain name is valid

CAJN · July 1, 2020, 6:37pm

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: www.cajncs.com

I ran this command: domain: cajncs.com; E-mail: support@cajncs.com; Alternative: mail.cajncs.com

It produced this output: Failed to connect to let’s encrypt. Please make sure the domain name is valid.

My web server is (include version): Apache HTTP Server 2.4

The operating system my web server runs on is (include version): Synology DSM 6.2.3-25426

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): I don’t know.

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No, I log into Synology and manage the NAS.

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): no Certbot that I know of.

Synology Support said:

rg305 · July 2, 2020, 12:12am

There seems to be some DNS/FQDN confusion:

Name: www.cajncs.com
Address: 76.72.93.182

Name: mail.cajncs.com
Address: 76.72.8.21

Which is the IP and FQDN that the Synology DSM device uses?

You mention:

But both of those names are being serviced by NGINX:

curl -Iki mail.cajncs.com
HTTP/1.1 302 Moved Temporarily
Server: nginx

curl -Iki www.cajncs.com
HTTP/1.1 301 Moved Permanently
Server: nginx

CAJN · July 2, 2020, 4:48pm

The domain www.cajncs.com points to the IP address where the website resides (NAS1).
The mail.cajncs.com points to the IP address where the mail server resides (NAS2).
Those are both pointing to the correct place.

I am not sure why it’s stating nginx when on the NAS it shows:

CAJN · July 14, 2020, 9:43pm

No one out there has any idea’s they can contribute?

JuergenAuer · July 14, 2020, 10:00pm

Hi @CAJN

please: How should that work? @rg305 wrote that already.

You can't create one certificate with both domain names via http validation, if they have different ip addresses (and without special setups like redirects etc.).

Create two different certificates, one per device.

CAJN · July 15, 2020, 2:02pm

You can’t create one certificate with both domain names via http validation, if they have different ip addresses (and without special setups like redirects etc.).

Create two different certificates, one per device.

Thank you, that was what I was looking for. I wasn’t sure how to resolve the issue, but this makes perfect sense.

system · August 14, 2020, 2:02pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Failed to connect to let’s encrypt. Synology NAS Help	4	3818	March 7, 2021
Failed to connect to Let's Encrypt. Please make sure the domain name is valid Help	2	595	March 20, 2021
Failed to connect to let’s encrypt, confirm domain Help	6	1271	December 19, 2019
Failed to connect to let's encrypt, confirm domain Help	11	8506	April 22, 2019
Failed to connect to Let's Encrypt. Please make sure domain name is valid Help	10	2100	April 12, 2021

Failed to connect to let’s encrypt. Please make sure the domain name is valid

Related topics