Synology & LE don't work



I am looking for 2 weeks to install the certificate lets encrypt. I read some tutorials but it does not work.

Can anyone help me ? Please

The certificate lets encrypt is installed on my synology (DS618+ with DSM last update). Also, I see the renewal date on the certificate (12/06/2019). I had no error message.

I put this certificate by default and I deleted the old one (the self-signed synology certificate)

I use the synology domain name :

When I installed the certificate, I wrote:

domain name :
email : my email
Alternative name :

I checked: redirect the 5000 port to 5001
I disabled the firewall.

In my router (I use the freebox delta), I opened the ports then:

I redirected port 5000 to synology port 5000
I redirected port 5001 to port 5001 of synology
I redirected port 80 to port 80 of synology
I redirected port 443 to port 443 of synology

I restared my router.

But, i can’t to connect me to my server from the outside.

Inside, on my local network, i can to connect me with the domain name ( but not with my ip:5001 and not with

Thank you for your help !


Hi @petityom

we need your real domain name to check that.

Checking a special port you can use my online tool ( ), that supports checks of non-standard ports like 5000 / 5001.

We have a list of tools

but most tools support only the standard ports 80 / 443.


Thank you !

Im sorry but im a beginner with the ssl certificate. Can you help me if i give you my real domain name ? I’m just a little bit afraid about to writing it here. Can you delete it after ? I tried to write you in pv but i dont find the possibility on this site.


Please read the standard template of the #help category:

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):


My domain name is

Thank you very much


You have checked your domain yesterday -

There are only timeouts.

So your domain isn’t visible, so Letsencrypt can’t check your domain name.

PS: If you want to use http-01 validation, an open port 80 is required. You can use a redirect to port 443. But to check your domain, you can’t use port 5000 or 5001.

You can install the certificate on that port. But to create a certificate, port 80 is required.

Or you use dns-01 validation. Then you don’t need a running webserver.


So if i understand correctly, i have to change, in the dsm setting, the port 5000 in 80 and the port 5001 in 443 ?

Then open in the router the port 80 and 443 ?

Then renewal my certificate ?

Then, after that, i can to change, in the dsm setting, the port 80 in 5000 and the port 443 in 5001 ? And same for the router. And i have to let the 80 port open ?


You have already created some certificates:

The last - 2019-03-14.

And DSM has an own solution, so you don’t need an own client.

Perhaps you have to install the certificate, not only to create one.

Check the DSM documentation.

closed #9

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.