Letsencrypt validation problem? Http/DNS


#1

Hi All

I have successfully installed letsencrypt as a Docker on my Synology server:

docker create --cap-add=NET_ADMIN --name=letsencrypt -v /volume1/docker/letsencrypt/config:/config -e PGID=100 -e PUID=1033 -e EMAIL=name@moviewall.dk -e URL=moviewall.dk -e SUBDOMAINS=plex -e VALIDATION=http -p 81:80 -p 444:443 -e TZ=Europe/Copenhagen linuxserver/letsencrypt

My domain is: moviewall.dk, the validation and best way to do this if I want auto renewal
So what are my best options?

Domain: moviewall.dk
Subdomain: sub.moviewall.dk
DNS provider: GratisDNS (They support DNSSEC setup, don't know if this makes it easier?)
WEBSERVER: NAS running DSM 6.2 service as docker (Fixed IP)
A record setup for port 80 & 443 (Verified to be open)

It produced this output: with setup http validation:
http://plex.moviewall.dk/.well-known/acme-challenge/IjDVN9N_xfBbb0BOnQRA…
But where do I place this code? in a file under the docker config?

I can login to a root shell on my machine:
yes as root running docker services- command terminal

I’m using a control panel to manage my site:
No - But any recommendation for such control manager? (Docker image preferred :slight_smile:

Best regards
Casperse

UPDATE:
My domain *.mydomain.com was redirecting to https.
I had to disable the SSL site and disable the http --> https redirect in my virtual host that served http.
Still doesn’t work.

Also managed to create the domain and also the folder in my local webserver and successfully managed to reach the folder from the net (My phone) moviewal.dk.well-known\acme-challenge\test.txt - success
But still can't get letsencrypt working

Do I have to manually import the new Certbot addon to the letsencrypt docker addon folder?
Or am I making this too complicated… :slight_smile:


#2

HELP? If I add these challenge codes in txt and run it again the code changes…? How can I do this validation?

One more thing! If I use the built-in Letsencrypt I get the certificate (But I need it for a docker webservice, but this proves that the A record is set up correctly and the ports are open)


#3

Have you considered just volume mounting the Let’s Encrypt private key and certificate that Synology DSM has already issued into your Docker container? That way both Synology and your Docker container can use the same certificate and you don’t need to duplicate the work.

You should be able to include the plex. and whatever else subdomains you need using DSM:

Your setup looks needlessly complicated and I honestly have no idea how to approach helping you, having read your post earlier this week and again now.


#4

YES - you are right, created two different cert. for each domain, and then just used the internal reverse proxy and then everything works!

