I can get new certificate, but not renew on synology

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: leeh.nl

I ran this command:
renew certificate
It produced this output:
Operation failed. Please log in to DSM and retry.
My web server is (include version):
synology 6.2.4 latest update
The operating system my web server runs on is (include version):
synology 6.2.4 latest update
My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):
I don't know
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

So I can make a new certificate through the normal way in synology control panel. No problem.
But then it expires and never renews. I click on renew manually and it gives me:
Operation failed. Please log in to DSM and retry.
Yeah that doesnt help. Or solve the problem. Ever. Ports 80 and 443 are opened and point at the server. Thats no issue. I even turned off the firewall to try if it helps.. It doesnt.

So to get around this I just delete the expired certificate and make a new one. Which then works fine.
So why doesnt the renewal work? I dont get it.
Now tonight after trying to renew in every kind of way, it suddenly said: Maximal certificate requests reached for this domain name
Is this permanent? Or just because I tried too much times to renew?

I have read a lot about this renewal issue. Also at synology. But the people who have this, either make mistakes with ports. Or their firewall is not letting it through. etc.
Its all good here. I mean it can make a new one just fine. Just not renew. And I just cant find a solution.

Maybe here someone can help me?
Thanks a lot!!

No, it's not permanent. It also doesn't make any sense for that domain: letsdebug-toolkit

Is you client asking for a certificate on other domains? Is it maybe bullshitting by giving you ab error message that doesn't correlate to what actually happens?

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.