Synology DS218 not connecting to Let's Encrypt

darkoflex · December 8, 2019, 12:32pm

Hello,

First of all, sorry for my poor English as I am writing from Switzerland.

As the ios app won’t let me see my files when I am out of my network, (I got the message for "non concording certificates), I bought a domain name to get a new certificate for it, but…

I try to get a Let’s Encrypt Certificate for my domain darkoflex.ch (and drive.darkoflex.ch).

As a result, I get an error message that tells : “Connexion to Let’s Encrypt failed. Make sure domain name is valid.”

When I am trying to connect to it now from outside, the browser let me know that my domain darkoflex.ch is using synology’s let’s encrypt certificate…

I already opened ports 80 and 403. DDNS set up done (I can access to my NAS using http).

The operating system is DSM (6.2.2 - 24922 - Update 4)

My domain name provider is: Infomaniak

Thanks in advance if you can provide some help!

orangepizza · December 8, 2019, 1:03pm

the site is timeouted from my computer. does it connected to internet?

darkoflex · December 8, 2019, 2:20pm

It is, I can access it through 4G

JuergenAuer · December 8, 2019, 2:52pm

Hi @darkoflex

it is not. See https://check-your-website.server-daten.de/?q=darkoflex.ch

Domainname	Http-Status	Sec.	G
• http://darkoflex.ch/ 213.55.175.212	-14	10.014	T
Timeout - The operation has timed out

• https://darkoflex.ch/ 213.55.175.212	-14	10.013	T
Timeout - The operation has timed out

• http://darkoflex.ch/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 213.55.175.212	-14	10.016	T
Timeout - The operation has timed out
Visible Content:

Same checking the raw ip address - https://check-your-website.server-daten.de/?q=213.55.175.212

May be you are able to connect your domain because it's the same local network.

May be you have a firewall that blocks.

Port 80 must answer.

darkoflex · December 8, 2019, 3:50pm

Actually, I mapped this one drive.darkoflex.ch

JuergenAuer · December 8, 2019, 3:52pm

Then read the output. The ip address is the same. And the timeout is the same.

Letsencrypt must be able to connect your domain (if you use http validation).

And your Certbot must be able to connect Letsencrypt.

So answers (and not timeouts) are required.

JimPas · December 9, 2019, 2:17am

Isn't the second port for your redirect supposed to be port 443 and not 403?

Http opens your login page okay, but https times out.

Secure Connection Failed
An error occurred during a connection to darkoflex.ch. PR_END_OF_FILE_ERROR
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.

darkoflex · December 9, 2019, 6:13am

I might have found the problem: even though all ports are open in my NAS, I had to configure ports 80 and 443 in its firewall; after that, I could get my Let’s Encrypt certificate and now everything seems up and running!
A big thank to orangepizza, JuergenAuer and JimPas for help!

system · January 8, 2020, 6:13am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.