Failed to connect to let’s encrypt. Synology NAS

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: red7.nl

I ran this command: renew or add new cert to replace the old

It produced this output: failed to connect to Let's Encrypt server

My web server is (include version): NA

The operating system my web server runs on is (include version): DSM 7.1.1-42962 Update 8

My hosting provider, if applicable, is: NA

I can login to a root shell on my machine (yes or no, or I don't know): no

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

Did you actually buy that domain? It looks like it points to some hosting provider's parking page (vimexx.nl).

2 Likes

@orangepizza, sure, I have a cert for it now; I want to renew/replace my old cert. I don't use it for web hosting, just for URLs.

1 Like

He's using this certificate:
home-red7-nl.pem (1.5 KB)

When I tried the home subdomain, it replied with JavaScript to redirect to port 5001. That has a few problems for LE purposes: they don't run JavaScript nor follow redirects to nonstandard ports.

3 Likes

@orangepizza, that's because I have a reverse proxy set up.

Do you have any further info than "Failed to connect to Let's Encrypt"?

Perhaps from the logs?

Because taken literally it sounds like your system is failing to reach the Let's Encrypt API. Are you able to run something like this from your system that is making the cert request?

curl -I https://acme-v02.api.letsencrypt.org/directory

2 Likes

@MikeMcQ, it's being requested from the Synology UI, and there are no logs on the Synology for the certificate request, unfortunately. But I know that ports 80 and 443 are accessible.

Your best option is to post at the Synology forum. If they can describe how to get more details from a log, maybe we can help. Or if you can run that curl command I showed or something similar so that we can start to identify what's gone wrong. But as it is, there isn't much to suggest given the generic error message.

There is not a general problem reaching Let's Encrypt right now, so this is likely something unique to your setup. Or perhaps a problem with your ISP connection.

By the way, only port 443 is used for outbound connections to Let's Encrypt. Testing of inbound connections would or could use both, of course.

3 Likes
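
Added example, not part of the thread or any poster's code: a shell wrapper around the curl check suggested above that maps curl's exit status to the stage that failed (DNS, TCP, TLS), since "failed to connect" alone does not say which. The stage names, the `advise` wording and the `--run` flag are this example's own assumptions.

```shell
#!/bin/sh
# Added example: staged outbound check of the ACME directory over port 443.
ACME_URL="https://acme-v02.api.letsencrypt.org/directory"  # URL quoted in the thread

# Map a curl exit status to the connection stage that failed.
# The numbers are curl's documented exit codes; the stage names are this example's.
classify_curl_exit() {
    case "$1" in
        0)     echo "ok" ;;
        5|6)   echo "dns" ;;            # could not resolve proxy / host
        7)     echo "tcp" ;;            # connection refused or host unreachable
        28)    echo "timeout" ;;        # no answer within --max-time
        35)    echo "tls-handshake" ;;  # TLS negotiation failed
        60|77) echo "tls-trust" ;;      # chain not trusted / CA bundle unreadable
        *)     echo "other" ;;
    esac
}

# One line of next-step advice per stage.
advise() {
    case "$1" in
        ok)            echo "outbound 443 works; look at inbound validation and the domain's DNS records" ;;
        dns)           echo "check the resolver configured on this host" ;;
        tcp)           echo "check firewall and routing for outbound 443" ;;
        timeout)       echo "packets are being dropped; check firewall or ISP path" ;;
        tls-handshake) echo "check for TLS interception or an outdated TLS stack" ;;
        tls-trust)     echo "check the system clock and CA bundle" ;;
        *)             echo "rerun curl with -v and read the full error" ;;
    esac
}

# Run the probe (needs network). HEAD request, like `curl -I` in the thread.
check_acme() {
    curl -sS -I -o /dev/null --max-time 15 "$ACME_URL"
    stage=$(classify_curl_exit "$?")   # $? is curl's exit status here
    echo "stage=$stage: $(advise "$stage")"
    [ "$stage" = "ok" ]
}

# Hypothetical flag: only touch the network when explicitly asked to.
if [ "${1:-}" = "--run" ]; then check_acme; fi
```
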

@MikeMcQ, thanks, I will.

2 Likes

Thanks @MikeMcQ @orangepizza, I found it; it was a problem in the config of the DNS from the domain provider.

3 Likes