Dear Let’s Encrypt Community,
I keep running into certificate renewal issues with my domain vanhooren.net, which I mainly use to connect to my Synology NAS.
I have the standard Synology webserver running a website at www.vanhooren.net on ports 80 and 443, showing a simple logo, to allow Let’s Encrypt to connect. Unfortunately I keep getting “failed to open port 80” error when trying to setup a new or renew the existing certificate.
recent output of “sudo grep letsencrypt /var/log/messages”:
2017-03-23T19:42:45+01:00 Synology builtin-syno-letsencrypt-syno-letsencrypt: autorenew: syno-letsencrypt.cpp:288 Failed to renew /usr/syno/etc/certificate/_archive/RVZuM2/. { "error": 101, "msg": "failed to open port 80.", "file": "client.cpp:472"} 2017-04-04T09:00:15+02:00 Synology builtin-syno-letsencrypt-syno-letsencrypt: autorenew: syno-letsencrypt.cpp:288 Failed to renew /usr/syno/etc/certificate/_archive/RVZuM2/. { "error": 101, "msg": "failed to open port 80.", "file": "client.cpp:472"} 2017-04-13T16:29:29+02:00 Synology builtin-syno-letsencrypt-syno-letsencrypt: autorenew: syno-letsencrypt.cpp:288 Failed to renew /usr/syno/etc/certificate/_archive/RVZuM2/. { "error": 101, "msg": "failed to open port 80.", "file": "client.cpp:472"} 2017-04-18T23:14:18+02:00 Synology builtin-syno-letsencrypt-syno-letsencrypt: autorenew: syno-letsencrypt.cpp:288 Failed to renew /usr/syno/etc/certificate/_archive/RVZuM2/. { "error": 101, "msg": "failed to open port 80.", "file": "client.cpp:472"} 2017-04-20T09:50:39+02:00 Synology syno-letsencrypt: syno-letsencrypt.cpp:288 Failed to renew /usr/syno/etc/certificate/_archive/RVZuM2/. { "error": 101, "msg": "failed to open port 80.", "file": "client.cpp:472"} 2017-04-20T09:55:57+02:00 Synology syno-letsencrypt: syno-letsencrypt.cpp:288 Failed to renew /usr/syno/etc/certificate/_archive/RVZuM2/. { "error": 101, "msg": "failed to open port 80.", "file": "client.cpp:472"}
All network traffic to port 80/443 is forwarded to my Synology and should be accessible from outside. I can also reach www.vanhooren.net from outside my LAN, so this would confirm port 80 is open and working (correct me if I’m wrong here).
Does it have anything to do with the fact that vanhooren.net reroutes to synology.vanhooren.net:5000 and only www.vanhooren.net can be reached at port 80?
(I prefer to use vanhooren.net to get to my Synology login instead of having to use a prefix)
If so, how was it then possible to get the certificate working before? In other words: can I keep my setup and get Let’s Encrypt certificates to work?
Thanks a ton for any advice!
-Joost