Synology no longer renews Letsencrypt under DSM 6.2.1

Chainsman · December 4, 2018, 3:26am

My challenges are suddenly not appearing under the nginx pageroot on DSM 6.2.1-23824 Update 1.

It claims “Not Synology DDNS” but I don’t use Synology DDNS.

It had been renewing successfully in the past.

Any thoughts or common experience?

Logs attached:

DEBUG: Issuer name of certificate. [Let's Encrypt]->[/usr/syno/etc/certificate/_archive/65z4tk/cert.pem]
DEBUG: Issuer name of certificate. [Synology Inc.]->[/usr/syno/etc/certificate/_archive/nFQTCS/cert.pem]
DEBUG: certificate is not issued by Let's encrypt. [/usr/syno/etc/certificate/_archive/nFQTCS/cert.pem]
DEBUG: start to renew [/usr/syno/etc/certificate/_archive/65z4tk].
DEBUG: setup acme url https://acme-v01.api.letsencrypt.org/directory
DEBUG: GET Request: https://acme-v01.api.letsencrypt.org/directory
DEBUG: strat to do new-authz for shared.example.com
DEBUG: ==> start new authz.
DEBUG: new authz: do new-authz.
DEBUG: Post JWS Request: https://acme-v01.api.letsencrypt.org/acme/new-authz
DEBUG: Post Request: https://acme-v01.api.letsencrypt.org/acme/new-authz
DEBUG: ==> start new authz.
DEBUG: new authz: do new-authz.
DEBUG: Post JWS Request: https://acme-v01.api.letsencrypt.org/acme/new-authz
DEBUG: Post Request: https://acme-v01.api.letsencrypt.org/acme/new-authz
DEBUG: Not synology DDNS.
DEBUG: DNS challenge failed, reason: {"error":108,"file":"challenge.cpp","msg":"Not synology DDNS."}

DEBUG: Normal challenge failed, reason: {"error":200,"file":"client.cpp","msg":"new_authz: unexpect httpcode."}

stevenzhu · December 4, 2018, 4:32am

Hi,

What is your domain name?
Is your domain name currently using synology's DDNS service (NS pointed to synology)?

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

Thank you

system · January 3, 2019, 4:32am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.