Toplevel SSL cert on Synology


#1

I want to request a toplevel domain SSL certificate on my Synology DS415+
Already have done several successful requests for sub domains but I can’t get the TL to work.

(For instance) I have requested:
www.example.com
"mail.example.com

But now I want “example.com”.
Every time when I try to request it, it fails.
I have port 80/443 forwarded to my Synology (I can request sub domains without problems).
There is an A record for “example.com” in my providers DNS.

Is this supported? Am I doing something wrong?
Any help is appreciated. :slight_smile:


#2

Yes. Requesting a domain cert is no different to a subdomain cert.

The question is: how is it failing?

Unfortunately I failed in my mind-reading class, so could you please give us some info on what kind of server software you’re running, what client you are using, what command, and so on.


#3

I have a Synology DS415+
Nginx is running on this machine.

All is automated so on the other questions I don’t have answer to be honest.

This is the request form I need to fill in:


#4

Can you provide the information from the letsencrypt log, and does that show the reason in more detail ?


#5

I would love to provide you the log file information.
But I cant seem to find any logs regarding Let’s Encrypt.
I checked /var/log/ but there are no log files for LE.


#6

Perhaps they are in /var/log/messages ?


#7

Dec 23 10:57:42 syno-01 synoscgi_SYNO.Core.Certificate.LetsEncrypt_1_create[13832]: certificate.cpp:1359 Failed to create Let'sEncrypt certificate. [1][syno-letsencrypt output is not a json: { "error": 102, "msg": "Invalid response from http://example.com/.well-known/acme-challenge/p-x93fbIR383m8AgzdnloH9sq9ycjHFSO3zBeei7JUc: "<!DOCTYPE html> `

(I have replaced my real domain with example.com)


#8

well, that gives some clues

Invalid response from http://example.com/.well-known/acme-challenge/p-x93fbIR383m8AgzdnloH9sq9ycjHFSO3zBeei7JUc: " !DOCTYPE html

but why you get that response if you use the domain, rather than a subdomain I don’t know. I suspect you may have better luck asking at synology. Does using your domain name go to exactly the same files as the www subdomain ?


#9

Yes it does.
I’ll have a go with Synology than.
Though I don’t think it will be solved anyways.
But life goes on. :smile:

Thanks for the help.


#10

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.