How to find out why a certificate was revoked without notice

My domain is: ds.home.zorbla.de

It appears, that the certificate that was issued in august was revoked on Oct 20 without prior notice. How can I find out why and by whom the certificate was revoked?

1 Like

Hi @Dirk

there is a DiskStation, so it's a Synology.

There was a bug in DiskStation, certificates were revoked.

Check

and update your Synology.

1 Like

Thanks for the hint.
Unfortunately, the faulty DSM version is still the latest version available. According to the linked article, the revocation of the cert happened shortly after renewing. I did not do anything on October 20. When the cert was revoked, I was well asleep. On october 22, I successfully renewed my cert and it’s stil good.

However, as I couldn’t connect to the GUI, I had to ssh to the DiskStation and issue

/usr/syno/sbin/syno-letsencrypt renew-all -vv

manually. No need to replace anything in the GUI.
(Just in case this helps anybody with the same issue).

2 Likes

I want to add that now pointed to the Synology, I searched the logs and found a bunch of log messages about syno-letsencrypt. To me it looks like the synology wanted to automatically renew the certificate (running a command “builtin-dyn-syno-letsencrypt-syno-letsencrypt - renew”).

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.