Too many certificates - Synology

Help
1

Hello
I have changed my synology and I cannot add a new lets and crypt certificat on my new syno. Possible to delete my old certificat please ?

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: vermot-desroches.fr

I ran this command: No cmmand

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version): Synology

My hosting provider, if applicable, is: OVH

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

Many Thanks

1 Like
2

You should not have to delete the old cert to get a new one on a new machine.

What is the error you are getting on the new machine?

I don't see any cert history for the domain name you show. But I do see history for a different name. Which name are you trying to get a certificate for on the new machine?

nas.vermot-desroches.fr ?

5 Likes
3

Bonjour et merci pour votre réponse. Oui mon ancien certificat était pour ce nom DNS. Je souhaite le remplacer par Home.vermot-desroches.fr ou alors *.vermot-desroches.fr car je vais avoir 2 NAS (l'ancien et le nouveau). Donc j'aurai plusieurs nom DNS :
nas.vermot-desroches.fr
home.vermot-desroches.fr
public.vermot-desroches.fr

Concernant l'erreur, j'ai eu une fois le message comme quoi je ne pouvais pas demander un nouveau certificat car j'en avais trop.
Sinon, les messages récurrents sont un blocage IP tel que Firewall, blocage box ou proxy inversé.
Je désactive le firewall pour mettre a jour le certificat. J'ai autorisé le port 80 et 443 sur mon NAS et sur ma box .... Je ne sais plus quoi faire. Merci pour votre aide
Francois

1 Like
4

If the Synology is unable to get a cert, you should consider putting it behind a proxy that can get certs.

2 Likes
5

Il n'y a pas de raison. Avec mon ancien synology, cela fonctionnait.... J'attend juste confirmation que le problème ne vienne pas de chez Synology (trop de tentative ou autres).

6

Let's Encrypt has various limits (see here) but so does Synology. You have not gotten any certs for that domain this week so you have not exceeded that Let's Encrypt limit. And, unless you are trying this many times each hour you have not exceeded the "too many failed attempts' limit.

This is likely a Synology error and might be fixed with:

3 Likes
7

J'ai quand meme toujours ce message : Le nombre maximum de demande de certificats est atteins pour ce nom de domaine !
C'est quand mĂŞme bizarre non ?

8

Oui. We see this from Synology. Maybe remove the domain from Synology and start fresh?

3 Likes
9

Le supprimer ou ?

10

I don't know. We see the "Too Many" error often from Synology customers and there is not a clear fix. The Synology forum might be more helpful.

Your other problems are best tested using the Let's Debug site. You have different problems affecting the 3 different domain names. To get a cert for all 3 the Let's Debug test should be OK for all of them

https://letsdebug.net/

5 Likes
11

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.