The Let's Encrypt server is busy. Please try again later

Synology DSM 6.2.4-25556 Update 2
My domain is: alphadata.si

I ran this command: under Control Panel -> Security - > Certificates - > add a new certificate - > Get a certificate from Let's encrypt

It produced this output: The Let's Encrypt server is busy. Please try again later.

Tested all the DSNs inserted under the "Subject alternative name" section against DNS A and /or CNAME records on my Provider's DNS server. All exist. The DSM version should also be the one, where the queries against Let's Encrypt servers work as I've red on different forums and other internet sources.
The IPv6 under Network section of ControlPannel is on " Off ", which could be the reason for some communication errors. Port 80 in forwarded on firewall/router to the Synology station.

What am I doing wrong?

My web server is: built-in DSM
The operating system my web server runs on is : Synology DSM (linux in reality)
My hosting provider, if applicable, is: No hosting provider
I can login to a root shell on my machine : yes, with putty usually from Windows
I'm using a control panel to manage my site: depends
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): Not my case.

Hi @EntityOne, and welcome to the LE community forum :slight_smile:

Is that the latest version for your system?

I'd start with some troubleshooting from the CLI.
nslookup acme-v02.api.letsencrypt.org
curl -Ii https://acme-v02.api.letsencrypt.org/directory

4 Likes

Hi rg305.

I've upgraded to the DSN 6.2.4-25556 Update 6, which is the last version of the DSM 6th generation OS. The result is the same. Let me know that the upgrade to the v7.0 (and its successor v7.1 ) is recommended but not required. Synology still develops the 6th generation of DSM.

What You suggest next?

Thank You in advance for the answer.

1 Like

Next step = basic troubleshooting:

3 Likes

Hi rg305!

Here are the results:

and for the second:

image

Thank You, hope this will help You somehow.

2 Likes

That looks good.

What is the FQDN used by the NAS?

3 Likes

Hi rg305!

This one:

image

lp, tom

You won't be able to get a cert for such a "short name".
Global CAs are required to issue certs to only FQDNs from valid domain names.

3 Likes

That field requires only one word, not the FQDN.
Here is the online help:

lp , tom

hmm... OK.
What shows in "Control Panel"/"Security"/"Certificate" ?

2 Likes

Hi rg305!

This is shown under that :

image

lp tom

I'd try removing it and adding it back in.

4 Likes

I've tried, same result.

Hi rg305! Any other possible solutions to the problem ?

lp tom

Have you tried asking Synology or posted on their forums?

Because that message about Let's Encrypt servers being too busy makes no sense for this long. Sure, maybe that could happen briefly or during an outage but your first post about this was July 26. Many millions of LE certs have been issued since then.

The tests rg305 had you run showed you could contact the LE servers just fine.

That doesn't look like an error message from Let's Encrypt. Synology people would have better idea what can cause this peculiar error and how to correct it.

4 Likes

3 posts were split to a new topic: Half a dozen errors tonight saying that the server was busy

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.