My domain is: dickson.duckdns.org, have also tried m.duckdns.org, and nas.mix3dstudios.com
I ran this command:
I have tried both the visual GUI (which fails with the unable to open port 80 message) as well as through SSH:
sudo syno-letsencrypt new-cert -d dickson.duckdns.org -m juneku@gmail.com -v
It produced this output:
UI Logs in /var/log/messages
2019-03-11T16:10:10-07:00 Vault synoscgi_SYNO.Core.Certificate.LetsEncrypt_1_create[2213]: certificate.cpp:973 syno-letsencrypt failed. 101 [failed to open port 80.]
2019-03-11T16:10:10-07:00 Vault synoscgi_SYNO.Core.Certificate.LetsEncrypt_1_create[2213]: certificate.cpp:1392 Failed to create Let'sEncrypt certificate. [101][failed to open port 80.]
Manual SSH Result:
DEBUG: ==== start to new cert ==== DEBUG: Server: https://acme-v01.api.letsencrypt.org/directory DEBUG: Email: juneku@gmail.com DEBUG: Domain: m.duckdns.org DEBUG: ========================== DEBUG: setup acme url https://acme-v01.api.letsencrypt.org/directory DEBUG: GET Request: https://acme-v01.api.letsencrypt.org/directory DEBUG: Found registed account. used old account. [/usr/syno/etc/letsencrypt/account/wHNT0s/] DEBUG: strat to do new-authz for m.duckdns.org DEBUG: ==> start new authz. DEBUG: new authz: do new-authz. DEBUG: Post JWS Request: https://acme-v01.api.letsencrypt.org/acme/new-authz DEBUG: Post Request: https://acme-v01.api.letsencrypt.org/acme/new-authz DEBUG: new authz: setup challenge env. DEBUG: ==> start new authz. DEBUG: new authz: do new-authz. DEBUG: Post JWS Request: https://acme-v01.api.letsencrypt.org/acme/new-authz DEBUG: Post Request: https://acme-v01.api.letsencrypt.org/acme/new-authz DEBUG: new authz: setup challenge env. DEBUG: new authz: http-01 challenge. DEBUG: Post JWS Request: https://acme-v01.api.letsencrypt.org/acme/challenge/YxZsNZpDVBqqb4GnqBXj8LzN-i-R6a3Lg3WME20nRAU/13538773913 DEBUG: Post Request: https://acme-v01.api.letsencrypt.org/acme/challenge/YxZsNZpDVBqqb4GnqBXj8LzN-i-R6a3Lg3WME20nRAU/13538773913 DEBUG: new authz: http-01 check result. DEBUG: GET Request: https://acme-v01.api.letsencrypt.org/acme/authz/YxZsNZpDVBqqb4GnqBXj8LzN-i-R6a3Lg3WME20nRAU (Repeated 5 times, removed to meet url link post limit) DEBUG: Not synology DDNS. DEBUG: DNS challenge failed, reason: {"error":108,"file":"challenge.cpp","msg":"Not synology DDNS."} DEBUG: Normal challenge failed, reason: {"error":107,"file":"client.cpp","msg":"m.duckdns.org: Fetching http://m.duckdns.org/.well-known/acme-challenge/AS0x4wEX5lo3lC_37BTGnTgHFviN71vzDjWdOt7JoGI: Timeout during connect (likely firewall problem)"}
My web server is (include version): Synology DS418Play
The operating system my web server runs on is (include version): DSM 6.2.1-23824 Update 6
I can login to a root shell on my machine (yes or no, or I don't know): Yes
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot): ??
Notes:
I have checked the .well-known/acme-challenge/ folder, and can fill a test file and access it on port 80, so I am unsure what the issue is. You can try curl http://m.duckdns.org/.well-known/acme-challenge/testing
I was able to create a certificate on the device once before, at dickson.duckdns.org, but it expired during a cross-country move and then I ran into this issue. Initially tried to renew it, it failed, so I instead removed it and tried to create a new one.