I am having quite a complex situation here…
I have created in January my LetsEncrypt certificate directly via the NAS synology interface and it worked perfectly. My domain is nasthomas.guix.eu.
A week ago I received an email from letsencrypt saying that my certificate was going to expire. I then try to renew it and it’s where the complications started…
I saw that normally synology do it automatically but for some reason my NAS does not have access to the 80 port because of my router that for some reason does not allow it and to be honest, not sure I will be able to solve this quickly…
I even tried to run the synology command line directly but I got the error message that the 80 port is not available.
This is why I tried via the command line on a ubuntu distribution running:
sudo certbot certonly --force-renew -d nasthomas.guix.eu
I then chose:
2: Place files in webroot directory (webroot)
the ouptut was then:
Plugins selected: Authenticator webroot, Installer None Obtaining a new certificate Performing the following challenges: http-01 challenge for nasthomas.guix.eu Input the webroot for nasthomas.guix.eu: (Enter 'c' to cancel):
for this I input a local folder on my machine and then I got the following error:
Waiting for verification... Cleaning up challenges Failed authorization procedure. nasthomas.guix.eu (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://nasthomas.guix.eu/.well-known/acme-challenge/pfnUgplfTraMrg3UeHDVCnMjLZXm47P3Ned8pE9i42I: Timeout during connect (likely firewall problem)
IMPORTANT NOTES: The following errors were reported by the server:
Domain: nasthomas.guix.eu Type: connection Detail: Fetching http://nasthomas.guix.eu/.well-known/acme-challenge/pfnUgplfTraMrg3UeHDVCnMjLZXm47P3Ned8pE9i42I: Timeout during connect (likely firewall problem)
To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided.
Which actually make sense as the 80 port is closed…
So I was wondering is there not any manual command I could run using my current certificate and asking it to renew for more 90 days?
Thanks again for your help,