Synology certificaat renewal

The cerificaat on my Synoloy NAS has been expired.

I ran this command: /usr/syno/sbin/syno-letsencrypt renew-all --vv.

It produced this output: nothing

My operating system is (include version): Synology DSM 6.1.3 build 15152.1

My web server is (include version): Integrated webstation?

Problem:
I had port 80h forwarding (used for creating certificate) disabled, so NAS was not able to automatically renew the certificate. Before renewal I have enabled this forwarding
I was not able to save the output, but the error was 403. (At the moment I’ve done too many attempt so I have to wait for my retry counter to be reset).

Actions:
I’ve forwarded port 80 in my Router to port 80 of my NAS.

Additional info:
I’ve tried with ZeroSSL also, but the file which must be copied to ,/well-known/acme-challenge can’t be accessed.
Default an index.html file is supplied by Synology webserver. Accessing mynas.com works fine.
For test I’ve created directory ./well-known and placed the index.html file here. I can acccess mynas.com/.well-known
I’ve create ./well-known/acme-challenge and placed index.html. I can NOT access mynas.com/.well-known/acme-challenge.

My questions:
Am I right the redirecting port 80 to NAS port 80 is only requirement? Or should I forward other ports?
Why can’t I access the acme-challenge directory?

hi @Forum026

This is best handled on the synology forums. syno-letsencrypt is a client developed by Synology so you will get the most useful answers out of them.

Andrei

I’ve solved this issue.

My hosting had enabled IPv6 support. The IPv6 adddress of my (NAS)subdomain was NOT forwarded to my NAS. I have disabled IPv6 support for this subdomain.
Now I can (re)create a Let’s encrypt certificate.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.