I’d like to issue a ssl/tls certificate for a synology nas that runs on the internal network and cannot be accessed from the internet, thus the built-in feature to issue let’s encrypt certificates does not work.
The domain (projektwasser.at) is public, however the dns entry for the nas ([redacted].projektwasser.at) resolves via the internal dns server only.
I can imagine to add the dns entry to the public dns and allow internet access for the first issuance of the certificate, but not permanently to allow automatic renewal.
https://letsencrypt.org/docs/challenge-types/#dns-01-challenge seems the way to go, but how do I get the token from synology to add to the TXT record?
Any ideas how to solve the problem?
DNS registar: godaddy
synology DSM version: 6.2.3