Synology error: cannot connect to Let's Encrypt

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: ianhyzy.me

I ran this command:

It produced this output:

My web server is (include version):

Latest synology release, I think it uses nginx under the hood
DSM 6.2.2-24922 Update 4

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

Synology

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
I do not use certbot ?

I previously used a docker container that would auto-update the certs but I’d like to use the built in version that synology offers as it’s simpler to use with some other apps I want to add.

Could you check if anything more specific appears in the Synology logs (/var/log/messages maybe)?

This error gives us little to go on.

Looks like a port conflict?
2020-05-01T00:00:10-05:00 Vault101 syno_disk_health_record: smtp.c:475 Error Message: The credentials do not contain the necessary fields need to refresh the access token. You must specify refresh_token, token_uri, client_id, and client_secret.
2020-05-01T00:00:10-05:00 Vault101 syno_disk_health_record: mail_smtp_error_call_back.c (42) Failed to send email. (Error: Authentication Failed)
2020-05-01T16:38:29-05:00 Vault101 ddnsd: ddnsd.c:2986 DDNS Expired. UpdateAll.
2020-05-01T16:38:30-05:00 Vault101 ddnsd: ddnsd.c:1941 Success to update [ianhyzy.duckdns.org] with IP [216.80.23.50] at [USER_duckdns]
2020-05-02T16:38:28-05:00 Vault101 ddnsd: ddnsd.c:2986 DDNS Expired. UpdateAll.
2020-05-02T16:38:29-05:00 Vault101 ddnsd: ddnsd.c:1941 Success to update [ianhyzy.duckdns.org] with IP [216.80.23.50] at [USER_duckdns]
2020-05-03T16:38:28-05:00 Vault101 ddnsd: ddnsd.c:2986 DDNS Expired. UpdateAll.
2020-05-03T16:38:29-05:00 Vault101 ddnsd: ddnsd.c:1941 Success to update [ianhyzy.duckdns.org] with IP [216.80.23.50] at [USER_duckdns]
2020-05-04T15:29:13-05:00 Vault101 notification_refresh_token: cred_request.cpp:979 (pid=26216)HTTP Error(400)
2020-05-04T15:29:13-05:00 Vault101 notification_refresh_token: notification_refresh_token.cpp:57 Failed to process curl process, errorno: 14
2020-05-04T15:29:13-05:00 Vault101 notification_refresh_token: notification_refresh_token.cpp:134 SYNOSmtpRefreshToken failed.
2020-05-04T15:29:13-05:00 Vault101 synoscgi_SYNO.Docker.Image_1_pull_start[25753]: Failed to exec update access token command.
2020-05-04T16:38:29-05:00 Vault101 ddnsd: ddnsd.c:2986 DDNS Expired. UpdateAll.
2020-05-04T16:38:30-05:00 Vault101 ddnsd: ddnsd.c:1941 Success to update [ianhyzy.duckdns.org] with IP [216.80.23.50] at [USER_duckdns]
2020-05-05T16:38:28-05:00 Vault101 ddnsd: ddnsd.c:2986 DDNS Expired. UpdateAll.
2020-05-05T16:38:29-05:00 Vault101 ddnsd: ddnsd.c:1941 Success to update [ianhyzy.duckdns.org] with IP [216.80.23.50] at [USER_duckdns]
2020-05-06T16:38:29-05:00 Vault101 ddnsd: ddnsd.c:2986 DDNS Expired. UpdateAll.
2020-05-06T16:38:31-05:00 Vault101 ddnsd: ddnsd.c:1941 Success to update [ianhyzy.duckdns.org] with IP [216.80.23.50] at [USER_duckdns]
2020-05-07T16:38:31-05:00 Vault101 ddnsd: ddnsd.c:2986 DDNS Expired. UpdateAll.
2020-05-07T16:38:33-05:00 Vault101 ddnsd: ddnsd.c:1941 Success to update [ianhyzy.duckdns.org] with IP [216.80.23.50] at [USER_duckdns]
2020-05-08T16:38:30-05:00 Vault101 ddnsd: ddnsd.c:2986 DDNS Expired. UpdateAll.
2020-05-08T16:38:32-05:00 Vault101 ddnsd: ddnsd.c:1941 Success to update [ianhyzy.duckdns.org] with IP [216.80.23.50] at [USER_duckdns]
2020-05-08T20:51:29-05:00 Vault101 ddnsd: ddnsd.c:2962 DDNS get Ext-IP failed. Count[1]
2020-05-09T00:39:44-05:00 Vault101 index.cgi: ThemeHelper.cpp:67 unlink failed: /usr/syno/synoman/scripts/ext-3.4/ux/ux-all.css
2020-05-09T00:39:44-05:00 Vault101 index.cgi: ThemeHelper.cpp:74 symlink failed:/usr/syno/synoman/scripts/ext-3.4/ux/ux-all-business.css to /usr/syno/synoman/scripts/ext-3.4/ux/ux-all.css
2020-05-09T00:39:44-05:00 Vault101 index.cgi: ThemeHelper.cpp:67 unlink failed: /usr/syno/synoman/webman/resources/css/desktop.css
2020-05-09T00:39:44-05:00 Vault101 index.cgi: ThemeHelper.cpp:74 symlink failed:/usr/syno/synoman/webman/resources/css/desktop-business.css to /usr/syno/synoman/webman/resources/css/desktop.css
2020-05-09T00:39:44-05:00 Vault101 index.cgi: ThemeHelper.cpp:67 unlink failed: /usr/syno/synoman/synoSDSjslib/sds.css
2020-05-09T00:39:44-05:00 Vault101 index.cgi: ThemeHelper.cpp:74 symlink failed:/usr/syno/synoman/synoSDSjslib/sds-business.css to /usr/syno/synoman/synoSDSjslib/sds.css
2020-05-09T00:39:44-05:00 Vault101 index.cgi: ThemeHelper.cpp:67 unlink failed: /usr/syno/synoman/scripts/ext-3.4/ux/ux-all.css.gz
2020-05-09T00:39:44-05:00 Vault101 index.cgi: ThemeHelper.cpp:74 symlink failed:/usr/syno/synoman/scripts/ext-3.4/ux/ux-all-business.css.gz to /usr/syno/synoman/scripts/ext-3.4/ux/ux-all.css.gz
2020-05-09T00:39:44-05:00 Vault101 index.cgi: ThemeHelper.cpp:67 unlink failed: /usr/syno/synoman/webman/resources/css/desktop.css.gz
2020-05-09T00:39:44-05:00 Vault101 index.cgi: ThemeHelper.cpp:74 symlink failed:/usr/syno/synoman/webman/resources/css/desktop-business.css.gz to /usr/syno/synoman/webman/resources/css/desktop.css.gz
2020-05-09T00:39:44-05:00 Vault101 index.cgi: ThemeHelper.cpp:67 unlink failed: /usr/syno/synoman/synoSDSjslib/sds.css.gz
2020-05-09T00:39:44-05:00 Vault101 index.cgi: ThemeHelper.cpp:74 symlink failed:/usr/syno/synoman/synoSDSjslib/sds-business.css.gz to /usr/syno/synoman/synoSDSjslib/sds.css.gz
2020-05-09T12:08:58-05:00 Vault101 ddnsd: ddnsd.c:2962 DDNS get Ext-IP failed. Count[1]
2020-05-09T16:38:28-05:00 Vault101 ddnsd: ddnsd.c:2986 DDNS Expired. UpdateAll.
2020-05-09T16:38:29-05:00 Vault101 ddnsd: ddnsd.c:1941 Success to update [ianhyzy.duckdns.org] with IP [216.80.23.50] at [USER_duckdns]
2020-05-09T18:25:57-05:00 Vault101 if_link_down hook event: eth0
2020-05-09T18:25:57-05:00 Vault101 synonetd: net_default_gateway_set.c:34 failed to set default gateway 192.168.1.1 (7).
2020-05-09T18:25:58-05:00 Vault101 gateway_change hook event: DEL 0.0.0.0 on eth0
2020-05-09T18:25:58-05:00 Vault101 gateway_change hook event: DEL 192.168.1.1 on eth0
2020-05-09T18:25:58-05:00 Vault101 [1734595.016974] init: nmbd main process (29821) killed by TERM signal
2020-05-09T18:26:28-05:00 Vault101 ddnsd: ddnsd.c:2962 DDNS get Ext-IP failed. Count[1]
2020-05-09T18:27:05-05:00 Vault101 if_link_up hook event: eth0
2020-05-09T18:27:05-05:00 Vault101 ddnsd: ddnsd.c:2920 DDNS got SIGHUP. UpdateAll.
2020-05-09T18:27:06-05:00 Vault101 dns_change hook event: (1) DNS1=192.168.1.1
2020-05-09T18:27:07-05:00 Vault101 ipv4_change hook event: eth0 192.168.1.201->none
2020-05-09T18:27:07-05:00 Vault101 [1734663.830256] init: iscsi_pluginserverd main process (30942) killed by TERM signal
2020-05-09T18:27:07-05:00 Vault101 [1734663.850757] init: iscsi_pluginengined main process (30923) killed by TERM signal
2020-05-09T18:27:07-05:00 Vault101 ipv4_change hook event: eth0 none->192.168.1.201
2020-05-09T18:27:07-05:00 Vault101 gateway_change hook event: NEW 0.0.0.0 on eth0
2020-05-09T18:27:07-05:00 Vault101 gateway_change hook event: NEW 192.168.1.1 on eth0
2020-05-09T18:27:07-05:00 Vault101 gateway_change hook event: NEW 192.168.1.1 on eth0
2020-05-09T18:27:07-05:00 Vault101 gateway_change: SYSTEM: Last message ‘hook event: NEW 192.’ repeated 1 times, suppressed by syslog-ng on Vault101
2020-05-09T18:27:07-05:00 Vault101 gateway_change hook event: DEL 192.168.1.1 on eth0
2020-05-09T18:27:08-05:00 Vault101 [1734664.589265] init: iscsi_pluginserverd main process (31530) killed by TERM signal
2020-05-09T18:27:08-05:00 Vault101 [1734664.667782] init: iscsi_pluginengined main process (31494) killed by TERM signal
2020-05-09T18:27:09-05:00 Vault101 [1734665.527177] init: nmbd main process (31889) killed by TERM signal
2020-05-09T18:27:09-05:00 Vault101 if_link_down hook event: eth0
2020-05-09T18:27:09-05:00 Vault101 [1734666.243768] init: nmbd main process (32055) killed by TERM signal
2020-05-09T18:27:09-05:00 Vault101 [1734666.277476] init: iscsi_pluginserverd main process (31801) killed by TERM signal
2020-05-09T18:27:09-05:00 Vault101 [1734666.300987] init: iscsi_pluginengined main process (31785) killed by TERM signal
2020-05-09T18:27:09-05:00 Vault101 synonetd: net_default_gateway_set.c:34 failed to set default gateway 192.168.1.1 (7).
2020-05-09T18:27:10-05:00 Vault101 gateway_change hook event: DEL 0.0.0.0 on eth0
2020-05-09T18:27:10-05:00 Vault101 [1734667.299777] init: nmbd main process (32344) killed by TERM signal
2020-05-09T18:27:10-05:00 Vault101 gateway_change hook event: DEL 192.168.1.1 on eth0
2020-05-09T18:27:12-05:00 Vault101 if_link_up hook event: eth0
2020-05-09T18:27:12-05:00 Vault101 [1734668.770144] init: iscsi_pluginserverd main process (32222) killed by TERM signal
2020-05-09T18:27:12-05:00 Vault101 [1734668.797464] init: iscsi_pluginengined main process (32210) killed by TERM signal
2020-05-09T18:27:13-05:00 Vault101 dns_change hook event: (1) DNS1=192.168.1.1
2020-05-09T18:27:13-05:00 Vault101 ipv4_change hook event: eth0 192.168.1.201->none
2020-05-09T18:27:14-05:00 Vault101 [1734670.612455] init: iscsi_pluginserverd main process (462) killed by TERM signal
2020-05-09T18:27:14-05:00 Vault101 [1734670.632792] init: iscsi_pluginengined main process (453) killed by TERM signal
2020-05-09T18:27:14-05:00 Vault101 ipv4_change hook event: eth0 none->192.168.1.201
2020-05-09T18:27:14-05:00 Vault101 gateway_change hook event: NEW 0.0.0.0 on eth0
2020-05-09T18:27:14-05:00 Vault101 gateway_change hook event: NEW 192.168.1.1 on eth0
2020-05-09T18:27:14-05:00 Vault101 gateway_change hook event: DEL 192.168.1.1 on eth0
2020-05-09T18:27:14-05:00 Vault101 gateway_change hook event: NEW 192.168.1.1 on eth0
2020-05-09T18:27:14-05:00 Vault101 [1734671.295645] init: iscsi_pluginserverd main process (1158) killed by TERM signal
2020-05-09T18:27:14-05:00 Vault101 [1734671.343830] init: iscsi_pluginengined main process (1100) killed by TERM signal
2020-05-09T18:27:15-05:00 Vault101 [1734672.327056] init: nmbd main process (1424) killed by TERM signal
2020-05-09T18:27:16-05:00 Vault101 ddnsd: ddnsd.c:1941 Success to update [ianhyzy.duckdns.org] with IP [216.80.23.50] at [USER_duckdns]
2020-05-09T18:27:16-05:00 Vault101 ddnsd: ddnsd.c:2920 DDNS got SIGHUP. UpdateAll.
2020-05-09T18:27:16-05:00 Vault101 ddnsd: ddnsd.c:1941 Success to update [ianhyzy.duckdns.org] with IP [216.80.23.50] at [USER_duckdns]
2020-05-09T18:27:17-05:00 Vault101 [1734673.528544] init: nmbd main process (1680) killed by TERM signal
2020-05-09T18:27:45-05:00 Vault101 if_link_down hook event: eth0
2020-05-09T18:27:45-05:00 Vault101 synonetd: net_default_gateway_set.c:34 failed to set default gateway 192.168.1.1 (7).
2020-05-09T18:27:46-05:00 Vault101 gateway_change hook event: DEL 0.0.0.0 on eth0
2020-05-09T18:27:46-05:00 Vault101 gateway_change hook event: DEL 192.168.1.1 on eth0
2020-05-09T18:27:51-05:00 Vault101 if_link_up hook event: eth0
2020-05-09T18:27:51-05:00 Vault101 [1734707.883289] init: nmbd main process (2943) killed by TERM signal
2020-05-09T18:27:51-05:00 Vault101 ddnsd: ddnsd.c:2920 DDNS got SIGHUP. UpdateAll.
2020-05-09T18:27:52-05:00 Vault101 [1734708.923216] init: nmbd main process (3621) killed by TERM signal
2020-05-09T18:27:52-05:00 Vault101 dns_change hook event: (1) DNS1=192.168.1.1
2020-05-09T18:27:53-05:00 Vault101 ipv4_change hook event: eth0 192.168.1.201->none
2020-05-09T18:27:53-05:00 Vault101 [1734709.808276] init: iscsi_pluginserverd main process (3532) killed by TERM signal
2020-05-09T18:27:53-05:00 Vault101 [1734709.871089] init: iscsi_pluginengined main process (3523) killed by TERM signal
2020-05-09T18:27:53-05:00 Vault101 [1734709.997673] init: nmbd main process (3956) killed by TERM signal
2020-05-09T18:27:53-05:00 Vault101 ddnsd: ddnsd.c:1941 Success to update [ianhyzy.duckdns.org] with IP [216.80.23.50] at [USER_duckdns]
2020-05-09T18:27:53-05:00 Vault101 ipv4_change hook event: eth0 none->192.168.1.201
2020-05-09T18:27:54-05:00 Vault101 gateway_change hook event: NEW 0.0.0.0 on eth0
2020-05-09T18:27:54-05:00 Vault101 gateway_change hook event: NEW 192.168.1.1 on eth0
2020-05-09T18:27:54-05:00 Vault101 gateway_change hook event: DEL 192.168.1.1 on eth0
2020-05-09T18:27:54-05:00 Vault101 [1734710.678417] init: iscsi_pluginserverd main process (4114) killed by TERM signal
2020-05-09T18:27:54-05:00 Vault101 gateway_change hook event: NEW 192.168.1.1 on eth0
2020-05-09T18:27:54-05:00 Vault101 [1734710.721823] init: iscsi_pluginengined main process (4071) killed by TERM signal
2020-05-09T18:27:55-05:00 Vault101 [1734711.681026] init: nmbd main process (4464) killed by TERM signal
2020-05-09T18:27:56-05:00 Vault101 [1734713.009139] init: nmbd main process (4693) killed by TERM signal
2020-05-10T04:46:03-05:00 Vault101 cloud-sync-starter: [INFO] dscs-history-change-db.cpp(260): History db is initialized successfully at location ‘/volume1/@cloudsync/db/history.sqlite’
2020-05-10T04:46:13-05:00 Vault101 builtin-synodatacollect-udc: datacollector.cpp:39 file /usr/syno/bin/user.data.collector/synouserdata_app_usage is not executable
2020-05-10T04:46:13-05:00 Vault101 builtin-synodatacollect-udc: synodatacollect.cpp:116 failed to collect data by application_usage
2020-05-10T04:46:15-05:00 Vault101 builtin-synodatacollect-udc: datacollector.cpp:39 file /usr/syno/bin/user.data.collector/synouserdata_dhm_testlog is not executable
2020-05-10T04:46:15-05:00 Vault101 builtin-synodatacollect-udc: synodatacollect.cpp:116 failed to collect data by dhm_testlog
2020-05-10T04:46:15-05:00 Vault101 builtin-synodatacollect-udc: datacollector.cpp:39 file /usr/syno/bin/user.data.collector/synouserdata_disk_daily_info is not executable
2020-05-10T04:46:15-05:00 Vault101 builtin-synodatacollect-udc: synodatacollect.cpp:116 failed to collect data by disk_daily_info
2020-05-10T04:46:25-05:00 Vault101 notification_refresh_token: cred_request.cpp:979 (pid=3960)HTTP Error(400)
2020-05-10T04:46:25-05:00 Vault101 notification_refresh_token: notification_refresh_token.cpp:57 Failed to process curl process, errorno: 14
2020-05-10T04:46:25-05:00 Vault101 notification_refresh_token: notification_refresh_token.cpp:134 SYNOSmtpRefreshToken failed.
2020-05-10T04:46:25-05:00 Vault101 synouserdata_mail: Failed to exec update access token command.
2020-05-10T16:38:28-05:00 Vault101 ddnsd: ddnsd.c:2986 DDNS Expired. UpdateAll.
2020-05-10T16:38:29-05:00 Vault101 ddnsd: ddnsd.c:1941 Success to update [ianhyzy.duckdns.org] with IP [216.80.23.50] at [USER_duckdns]
2020-05-10T17:02:54-05:00 Vault101 php: This package is signed by unknown developer.
2020-05-10T17:03:04-05:00 Vault101 php: This package is signed by unknown developer.
2020-05-10T17:03:33-05:00 Vault101 php: SYSTEM: Last message ‘This package is sign’ repeated 1 times, suppressed by syslog-ng on Vault101
2020-05-10T17:03:33-05:00 Vault101 synoscgi_SYNO.Core.Package.Installation_1_install[6131]: resource_api.cpp:267 Release service-cfg for Plex Media Server when 0x0002 (done)
2020-05-10T17:03:46-05:00 Vault101 synoscgi_SYNO.Core.Package.Installation_1_install[6885]: resource_api.cpp:179 Acquire service-cfg for Plex Media Server when 0x0002 (done)
2020-05-10T17:04:21-05:00 Vault101 synoscgi_SYNO.Core.Package_2_list[11159]: list.cpp:330 SYNO.Core.Package.list rollback to direct call
2020-05-10T17:04:25-05:00 Vault101 notification_refresh_token: cred_request.cpp:979 (pid=11917)HTTP Error(400)
2020-05-10T17:04:25-05:00 Vault101 notification_refresh_token: notification_refresh_token.cpp:57 Failed to process curl process, errorno: 14
2020-05-10T17:04:25-05:00 Vault101 notification_refresh_token: notification_refresh_token.cpp:134 SYNOSmtpRefreshToken failed.
2020-05-10T17:04:25-05:00 Vault101 synoscgi_SYNO.Docker.Image_1_pull_start[11001]: Failed to exec update access token command.
2020-05-10T17:07:17-05:00 Vault101 notification_refresh_token: cred_request.cpp:979 (pid=17366)HTTP Error(400)
2020-05-10T17:07:17-05:00 Vault101 notification_refresh_token: notification_refresh_token.cpp:57 Failed to process curl process, errorno: 14
2020-05-10T17:07:17-05:00 Vault101 notification_refresh_token: notification_refresh_token.cpp:134 SYNOSmtpRefreshToken failed.
2020-05-10T17:07:17-05:00 Vault101 notify: Failed to exec update access token command.
2020-05-10T17:11:38-05:00 Vault101 synocrtregister: synocrtregister.cpp:163 Register certificate for ReverseProxy/4bff00f2-6424-4bcf-9435-309d93c059ad
2020-05-10T17:24:49-05:00 Vault101 syno-letsencrypt: syno-letsencrypt.cpp:116 Failed to do new authorization, may retry with another type. [{“error”:200,“file”:“client_v2.cpp”,“msg”:“Fetching http://sonarr.ianhyzy.me/.well-known/acme-challenge/fwmjB3awmL9_AIyZ4PYeE_hEh-mhasscQ3GPHmO6umE: Timeout during connect (likely firewall problem)”}
]
2020-05-10T17:26:51-05:00 Vault101 syno-letsencrypt: syno-letsencrypt.cpp:116 Failed to do new authorization, may retry with another type. [{“error”:200,“file”:“client_v2.cpp”,“msg”:“do new auth by path: failed to do challenge.”}
]
2020-05-10T17:26:51-05:00 Vault101 synoscgi_SYNO.Core.Certificate.LetsEncrypt_1_create[9378]: certificate.cpp:973 syno-letsencrypt failed. 102 [Failed to new certificate.]
2020-05-10T17:26:51-05:00 Vault101 synoscgi_SYNO.Core.Certificate.LetsEncrypt_1_create[9378]: certificate.cpp:1392 Failed to create Let’sEncrypt certificate. [102][Failed to new certificate.]
2020-05-10T17:29:38-05:00 Vault101 syno-letsencrypt: syno-letsencrypt.cpp:116 Failed to do new authorization, may retry with another type. [{“error”:200,“file”:“client_v2.cpp”,“msg”:"Invalid response from http://ianhyzy.me/.well-known/acme-challenge/MOjv7VBvts2_3y_lToyaD09cEHZNK-oyxw2TiDxF53c [185.199.108.153]: “\n\n \n <meta http-equiv=\“Content-type\” content=\“text/html; charset=utf-8\”>\n <meta http-equiv=\“Co””}
]
2020-05-10T17:31:41-05:00 Vault101 syno-letsencrypt: syno-letsencrypt.cpp:116 Failed to do new authorization, may retry with another type. [{“error”:200,“file”:“client_v2.cpp”,“msg”:“do new auth by path: failed to do challenge.”}
]
2020-05-10T17:31:41-05:00 Vault101 synoscgi_SYNO.Core.Certificate.LetsEncrypt_1_create[11410]: certificate.cpp:973 syno-letsencrypt failed. 102 [Failed to new certificate.]
2020-05-10T17:31:41-05:00 Vault101 synoscgi_SYNO.Core.Certificate.LetsEncrypt_1_create[11410]: certificate.cpp:1392 Failed to create Let’sEncrypt certificate. [102][Failed to new certificate.]
2020-05-10T18:45:15-05:00 Vault101 synoscgi_SYNO.Core.AppPortal.ReverseProxy_1_create[4079]: engine.cpp:317 Runtime port 7878 conflict for nginx
2020-05-10T18:45:15-05:00 Vault101 synoscgi_SYNO.Core.AppPortal.ReverseProxy_1_create[4079]: reverse_proxy.cpp:36 Resource acquire failed
2020-05-10T18:45:24-05:00 Vault101 synoscgi_SYNO.Core.AppPortal.ReverseProxy_1_create[4226]: engine.cpp:317 Runtime port 7878 conflict for nginx
2020-05-10T18:45:24-05:00 Vault101 synoscgi_SYNO.Core.AppPortal.ReverseProxy_1_create[4226]: reverse_proxy.cpp:36 Resource acquire failed
2020-05-10T18:46:11-05:00 Vault101 synocrtregister: synocrtregister.cpp:163 Register certificate for ReverseProxy/4bff00f2-6424-4bcf-9435-309d93c059ad
2020-05-10T18:46:11-05:00 Vault101 synocrtregister: synocrtregister.cpp:163 Register certificate for ReverseProxy/5e395a2d-2768-4635-b13a-fcad82539c35
2020-05-10T18:47:45-05:00 Vault101 synocrtregister: synocrtregister.cpp:163 Register certificate for ReverseProxy/2e18bbdc-8279-4f20-bc42-8aaddf17ccca
2020-05-10T18:47:46-05:00 Vault101 synocrtregister: synocrtregister.cpp:163 Register certificate for ReverseProxy/4bff00f2-6424-4bcf-9435-309d93c059ad
2020-05-10T18:47:46-05:00 Vault101 synocrtregister: synocrtregister.cpp:163 Register certificate for ReverseProxy/5e395a2d-2768-4635-b13a-fcad82539c35
2020-05-10T18:48:18-05:00 Vault101 synocrtregister: synocrtregister.cpp:163 Register certificate for ReverseProxy/2e18bbdc-8279-4f20-bc42-8aaddf17ccca
2020-05-10T18:48:18-05:00 Vault101 synocrtregister: synocrtregister.cpp:163 Register certificate for ReverseProxy/4bff00f2-6424-4bcf-9435-309d93c059ad
2020-05-10T18:48:18-05:00 Vault101 synocrtregister: synocrtregister.cpp:163 Register certificate for ReverseProxy/5e395a2d-2768-4635-b13a-fcad82539c35

I just pasted the logs in but it got caught in the spam filter, this looks like the line in question:
2020-05-10T17:24:49-05:00 Vault101 syno-letsencrypt: syno-letsencrypt.cpp:116 Failed to do new authorization, may retry with another type. [{“error”:200,“file”:“client_v2.cpp”,“msg”:“Fetching http://sonarr.ianhyzy.me/.well-known/acme-challenge/fwmjB3awmL9_AIyZ4PYeE_hEh-mhasscQ3GPHmO6umE: Timeout during connect (likely firewall problem)”}

Port 80 is forwarded to my DSM. It also mentions 7878, does LE need that?

2020-05-10T17:31:41-05:00 Vault101 synoscgi_SYNO.Core.Certificate.LetsEncrypt_1_create[11410]: certificate.cpp:1392 Failed to create Let'sEncrypt certificate. [102][Failed to new certificate.]
2020-05-10T18:45:15-05:00 Vault101 synoscgi_SYNO.Core.AppPortal.ReverseProxy_1_create[4079]: engine.cpp:317 Runtime port 7878 conflict for nginx
2020-05-10T18:45:15-05:00 Vault101 synoscgi_SYNO.Core.AppPortal.ReverseProxy_1_create[4079]: reverse_proxy.cpp:36 Resource acquire failed
2020-05-10T18:45:24-05:00 Vault101 synoscgi_SYNO.Core.AppPortal.ReverseProxy_1_create[4226]: engine.cpp:317 Runtime port 7878 conflict for nginx
2020-05-10T18:45:24-05:00 Vault101 synoscgi_SYNO.Core.AppPortal.ReverseProxy_1_create[4226]: reverse_proxy.cpp:36 Resource acquire failed

There’s also this:
2020-05-10T17:31:41-05:00 Vault101 syno-letsencrypt: syno-letsencrypt.cpp:116 Failed to do new authorization, may retry with another type. [{“error”:200,“file”:“client_v2.cpp”,“msg”:“do new auth by path: failed to do challenge.”}
]

For the sonarr domain:

Your ISP (RCN) blocks port 80 for external connections, so you can’t use the HTTP challenge. It will always fail.

I think (but I’m not sure, don’t own one) that you can use the DNS challenge with Synology DSM. Might need to look in the Synology manual for that.

Are you trying to get a certificate for sonarr.ianhyzy.me or just for ianhyzy.me? They point to different servers.

Well, that’s good to know but less than ideal. It doesn’t look like I can use DNS challenges: https://www.synology.com/en-us/knowledgebase/DSM/help/DSM/AdminCenter/connection_certificate

:frowning: . This is the best alternative I can think of : https://github.com/acmesh-official/acme.sh/wiki/Synology-NAS-Guide . Hook it up with your Cloudflare API key and it should work.

But as you mentioned already, it’s not as simple or user-friendly.

I’m trying this guide, and I’m getting stuck here:


They said not to use sudo for this so I’m not sure where to go from here. I’ll keep looking

Sorry about the spam filter. It’s correct sometimes. Your post is visible now.

I got this working. For reasons unknown to me, the “reccomended” method that’s easier is below the method that didn’t work for me. Either way, here’s the direct link for anyone else seeing this:

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.