The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know): I don't know.
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):I am using the Let's Encrypt ACME Client on the NAS Asustor 2.0.0.r5
My certificate auto renewal will not work I recently changed my router to a UDM-Pro, this may be part of the problem, but I am not sure.
When I run wanIP:80 on a Firefox I get sent to the Unifi login page not to the NAS.
The logs read "[Certificate Manager] Authentication bigdavesnas.myasustor.com failed".
Any help will be much appreciated.
Validation of a name is about what people see from out on the Internet. If your NAS is trying to get a certificate, but going to your domain name from the Internet doesn't go to the NAS, then it won't be able to verify that it owns that name (because, well, it doesn't).
So, you need to configure your router to direct things where you want them to go. Once you do that, people here can probably help you get a certificate if you're still having trouble. But there probably aren't many people here who can help you with your UDM, so you may want to look elsewhere for help with that. (I do happen to use Unifi myself, but only for my wireless access points, so I don't know how the router configuration of it works.)
Peter, thank you so much for the explanation. After further investigation I found that this is what gets me to my NAS login page. https://bigdavesnas.myasustor.com:8000/portal/. Maybe this will help someone to figure out what is happening. Can you tell me in general terms how the UDM needs to be setup. I can setup port forwarding and such, I just don't know where to begin.
Well, I'm not quite sure exactly what you're trying to have the router do either. It sounds to me like with your old router, you had some configuration where going to your public domain name from the Internet on port 80 and/or 443 went to your NAS box? Is that what you're trying to do with your current setup? Are you trying to have the Unifi login accessible from the public Internet as well, or do you want to hide it? That, is, if you don't know what your old router was configured to do it's hard to know how to make your new router match it, and it may be that your current goals are for something different than what your old router did.
Hey Peter, I have successfully port forwarded port 80 to my NAS. When I typed wanip:80 in my browser it found the NAS. I guess I am headed in the right direction. Wait and see. Thanks for your help. I will let you know what happens.
Short: If you use http validation, you must have a port 80 with a correct http answer (not https). So port 8000 is always unrelevant, Letsencrypt will never connect that port to check your domain.
It sounds to me like with your old router, you had some configuration where going to your public domain name from the Internet on port 80 and/or 443 went to your NAS box? Is that what you're trying to do with your current setup? Are you trying to have the Unifi login accessible from the public Internet as well, or do you want to hide it? That, is, if you don't know what your old router was configured to do it's hard to know how to make your new router match it, and it may be that your current goals are for something different than what your old router did.