How do i get a certificate that works

I am a complete Novice I have tried every way and followed all the tutorials but just cannot get my server safe

My domain is:**********

I ran this command:*******

It produced this output: a certificate I exported it and unzipped it got the keys

My web server is (include version):synology DS1515+

The operating system my web server runs on is (include version):Synology

I can login to a root shell on my machine (yes or no, or I don’t know):yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

I have created a certificate domain name -********** through the certificate page I created it with lets Encrypt I exported it and unzipped the archive ,put the private key in , put the certificate key in ,
Nothing happens its still saying HTTPS not secure

Without knowing your full host/domain name it is very difficult to test and see what specifically is the problem. Your full host/domain name is already public via certificate transparency records so there’s no real need to hide it.

Hi Michael Proto

I apologize for that as I said i am a novice !

it is


Unfortunately I don’t know Synology and how they deploy certificates so I can’t be an incredible help here, but I did confirm that at least externally what appears to be the default Synology-provided certificate is still being presented by the device. Were you following some sort of tutorial to get the LetsEncrypt certificate installed?

yes I followed this tutorial it seemed to work but im still getting


So, one thing I’ve noticed-- you don’t have port 80 open. This will cause problems with the http-01 authentication/verification method used by LetsEncrypt and may be causing some of your distress. HTTP/80 is required for that check to pass.

Hi Michael
I have opened port 80 on my PC i reran the certificate tried to log in on and got this !

Hi @Spanner

you need the open port 80 to create a certificate.

That has worked, there is a three days old certificate ( )

CertSpotter-Id Issuer not before not after Domain names LE-Duplicate next LE
936027192 CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US 2019-05-28 15:19:01 2019-08-26 15:19:01 - 1 entries duplicate nr. 1
834630602 CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US 2019-03-28 11:33:41 2019-06-26 11:33:41 - 1 entries


Domainname Http-Status redirect Sec. G 200 0.100 H 200 0.097 H -14 10.027 T
Timeout - The operation has timed out -14 10.027 T
Timeout - The operation has timed out

you don't have a redirect http -> https and https has a timeout.

So your browser uses the http version - that's insecure.

PS: Because of that timeout I can't see the problem Chrome reports.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.