Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My web server is (include version): Synology DS220J
The operating system my web server runs on is (include version): DSM 7.0-41890
My hosting provider, if applicable, is: synology
I can login to a root shell on my machine (yes or no, or I don't know): I have admin privilages
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): The latest version -- I loaded it on my computer using sudo apt update.
Synology gives me the name mlempenau.synology.me and an ip address of 171.100.76.87. I have no clue what to do. Your help is much appreciated.
I have obtained a domain name before by paying for it. Is this the better option?
You are correct. I forgot to mention one small detail. I have synology certificate but I can't use it with two factor authorization. With 2FA I need a registered domain. I want to use 2FA using my Yubiko. What am i missing to make this happen?
I do not mean to argue - just trying to help. If you are just missing a "registered domain" then another certificate will not help. These are different things.
I have not used 2FA with Synology but saw this Youtube video instructing on Yubico with Synology and it did not mention needing a different certificate.
Your certbot error is saying your NAS was not reachable from the internet. And, right now I do not see any ports open on your NAS.
I think you would get better assistance at the Synology forum - people there know the configuration of it better than we do here. Or, even a Yubico forum if there is one.
They were trying --standalone to meet that but I agree much is missing here. Synology uses a variety of ports for its functions - music sharing, backup, ...
Maybe we have different meanings for "functional HTTP site".
My view is that includes the port forwarding - which seems to be missing from their solution.
[as shown by the failed --standalone request]
fix one, fix all
I have been rightfully accused of not using enough words on some occasions...
And also for using far too many on others.
This seems like a case where I could have used a few more words.