The Let's Encrypt server is busy. Please try again later

Synology DSM 6.2.4-25556 Update 2
My domain is:

I ran this command: under Control Panel -> Security - > Certificates - > add a new certificate - > Get a certificate from Let's encrypt

It produced this output: The Let's Encrypt server is busy. Please try again later.

Tested all the DSNs inserted under the "Subject alternative name" section against DNS A and /or CNAME records on my Provider's DNS server. All exist. The DSM version should also be the one, where the queries against Let's Encrypt servers work as I've red on different forums and other internet sources.
The IPv6 under Network section of ControlPannel is on " Off ", which could be the reason for some communication errors. Port 80 in forwarded on firewall/router to the Synology station.

What am I doing wrong?

My web server is: built-in DSM
The operating system my web server runs on is : Synology DSM (linux in reality)
My hosting provider, if applicable, is: No hosting provider
I can login to a root shell on my machine : yes, with putty usually from Windows
I'm using a control panel to manage my site: depends
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): Not my case.

Hi @EntityOne, and welcome to the LE community forum :slight_smile:

Is that the latest version for your system?

I'd start with some troubleshooting from the CLI.
curl -Ii


Hi rg305.

I've upgraded to the DSN 6.2.4-25556 Update 6, which is the last version of the DSM 6th generation OS. The result is the same. Let me know that the upgrade to the v7.0 (and its successor v7.1 ) is recommended but not required. Synology still develops the 6th generation of DSM.

What You suggest next?

Thank You in advance for the answer.

1 Like

Next step = basic troubleshooting:


Hi rg305!

Here are the results:

and for the second:


Thank You, hope this will help You somehow.


That looks good.

What is the FQDN used by the NAS?


Hi rg305!

This one:


lp, tom

You won't be able to get a cert for such a "short name".
Global CAs are required to issue certs to only FQDNs from valid domain names.


That field requires only one word, not the FQDN.
Here is the online help:

lp , tom

hmm... OK.
What shows in "Control Panel"/"Security"/"Certificate" ?