Issues with auto renewal

My domain

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): I don't know.

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):I am using the Let's Encrypt ACME Client on the NAS Asustor 2.0.0.r5

My certificate auto renewal will not work I recently changed my router to a UDM-Pro, this may be part of the problem, but I am not sure.

When I run wanIP:80 on a Firefox I get sent to the Unifi login page not to the NAS.

The logs read "[Certificate Manager] Authentication failed".
Any help will be much appreciated.

1 Like

Hi @trirocketman

there is no answer -

So the validation of your domain can't work.

Sounds wrong. But from outside - there is a timeout - that's fatal.

I am not sure what you are telling me here. So the validation of my domain can't work? Well what do I do to fix it?

1 Like

Validation of a name is about what people see from out on the Internet. If your NAS is trying to get a certificate, but going to your domain name from the Internet doesn't go to the NAS, then it won't be able to verify that it owns that name (because, well, it doesn't).

So, you need to configure your router to direct things where you want them to go. Once you do that, people here can probably help you get a certificate if you're still having trouble. But there probably aren't many people here who can help you with your UDM, so you may want to look elsewhere for help with that. (I do happen to use Unifi myself, but only for my wireless access points, so I don't know how the router configuration of it works.)

1 Like

Peter, thank you so much for the explanation. After further investigation I found that this is what gets me to my NAS login page. Maybe this will help someone to figure out what is happening. Can you tell me in general terms how the UDM needs to be setup. I can setup port forwarding and such, I just don't know where to begin.

1 Like

Welcome to the Let's Encrypt Community, David :slightly_smiling_face:

I wrote the following for a different brand of NAS, but you still may find many of the concepts to be helpful.

Well, I'm not quite sure exactly what you're trying to have the router do either. :slight_smile: It sounds to me like with your old router, you had some configuration where going to your public domain name from the Internet on port 80 and/or 443 went to your NAS box? Is that what you're trying to do with your current setup? Are you trying to have the Unifi login accessible from the public Internet as well, or do you want to hide it? That, is, if you don't know what your old router was configured to do it's hard to know how to make your new router match it, and it may be that your current goals are for something different than what your old router did.

1 Like

Hey Peter, I have successfully port forwarded port 80 to my NAS. When I typed wanip:80 in my browser it found the NAS. I guess I am headed in the right direction. Wait and see. Thanks for your help. I will let you know what happens.

1 Like


isn't relevant. I can open that url.

Read some basics:


Short: If you use http validation, you must have a port 80 with a correct http answer (not https). So port 8000 is always unrelevant, Letsencrypt will never connect that port to check your domain.

Well that did it. Certificate was successfully renew. Port Forwarding port 80 directed to the NAS IP was what I needed to do. Thanks Guys.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.