I have been trying to set up the SSL certificates on my Synology DS420+ and having some errors.
I have read multiple pages here in the community for help, including this detailed one here: Clarification of Synology NAS DiskStation Manager (DSM) Documentation of Let's Encrypt Integration
And thus far I've not been able to sort the issue, any help would be greatly appreciated.
I will explain in detail.
Last week after first setting up my NAS, I set up all the port forwards and set up a ddns domain through synology: "zypher.synology.me". The set up of this was successful and a certificate was issued.
However, I was advised that this was a security risk due to publicity of all subdomains on synology.me, and I was told it is better to register my own domain name. I did that today and registered "truesdell.family" on Google Domains and set up the ddns in their system with all appropriate synthetic records. I configured this on the NAS and it worked correctly and updated the Google DDNS with my current IP Address.
All required ports are still open and forwarded (port 80 and port 443, as well as the standard Disk Station ports). I can access the NAS over a browser, on port 80 for HTTP and HTTPS on port 443, only receiving a certificate issue on port 443.
Today while trying to get a certificate for this new domain I have had nothing but errors. I have tried with both the root domain "truesdell.family" and with a subdomain "zypher.truesdell.family" and neither have had any success.
Initially I was getting the all too common error of "Failed to connect to Let's Encrypt. Please make sure your Synology NAS and router have port 80 open to Let's Encrypt domain validation from the internet". Now I am getting that I have have had too many requests.
I am unsure why it is failing to connect when the port forwards are working through the browser and nothing has changed since I set the initial certificate up on the zypher.synology.me domain.
I have not disabled / deleted the zypher.synology.me certificate, it is still the default certificate so I can still access the system until I get my own domain correctly running. Would this be an issue?
Any advise would be greatly appreciated to point me in the right direction as I am struggling to find the correct solution here. Any further data I can provide please let me know.