Try to generate certificate with DSM

My domain is: mcflux.org

I ran this command: Generate certificate with DSM (Synology)

It produced this output: could not validate domain (told me domains is wrong). Now I get the message that the limit to apply for a certificate is reached for my domain. I have a German setup, so I dont know it the error message helps

My web server is (include version): DSM 6.2.2.24922

The operating system my web server runs on is (include version): Linux

My hosting provider, if applicable, is: myself

I can login to a root shell on my machine (yes or no, or I don't know): I dont know

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
My synology DSM

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

It tells me I reached the max tries to apply fo a certificate. I didnt realize that those "tires" count as applying when I get an error message...

Followed the following guide: DiskStation Manager - Knowledge Base | Synology Inc.

If I can get one more try, I could chnage to english and identify the error message better.

Kind regards
Patrick

Hi @garcipat

what's the exact error message? There are different limits.

Checking your domain there are only timeouts - see mcflux.org - Make your website better - DNS, redirects, mixed content, certificates

A working port 80 is required if your DSM (normally) uses http validation.

Your ip

Host Type IP-Address is auth. ∑ Queries ∑ Timeout
mcflux.org A 31.164.183.53 Winterthur/Zurich/Switzerland (CH) - Sunrise Communications AG Hostname: xdsl-31-164-183-53.adslplus.ch yes 1 0
AAAA yes
www.mcflux.org A 31.164.183.53 Winterthur/Zurich/Switzerland (CH) - Sunrise Communications AG Hostname: xdsl-31-164-183-53.adslplus.ch yes 1 0
AAAA yes

looks like a home server. Does your ISP allow incoming port 80 traffic?

Correct router / port forwarding configuration?

1 Like

I had my traffic going to a separat computer and I read that I need to disable it. I will fordward teh traffic of port 80 to my synology, maybe this is required that it can talk with Lets Encrypt.

I het the first error message now that tells me, I cannot connect to Lets Encrypt, I should check my domain.

This seem to be the problem before. It couldnt connect because the port was not forwarded. It worked now. Thank you for the hint!

1 Like

Yes, that's required.

Letsencrypt must be able to connect your domain, port 80. So if online tools can't connect your domain, Letsencrypt can't connect.

So we know the DSM error message is a little bit wrong.

1 Like