Not sure what rate limit I hit in this situation, my cert expires tomorrow……
And I don’t know why it failed to renew on DSM. I enabled HSPS on Web Station in DSM. Not sure if that’s the problem.
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
it found you have two backend server (both pointing to different aws ec2) it looks like it
abnd www.magiklog.com points yet another ip address (this looks like it's your NAS
you may edit DNS record of magiklog.com 's A record to match www.magiklog.com, or remove magiklog.com from certificate request.
Which domain name(s) are you trying to get a cert for? In your crt.sh history it shows certs with both magiklog.com and www.magiklog.com. But, your DNS for each name points to different servers.
well, they (godaddy) redirect to you www verison currectly so it may be false warning:
did you try open DSM menu to request cert manually and see the log?
You are using GoDaddy's domain forwarding service for your www subdomain. Turn that off then wait a bit (up to an hour) then you can modify your A record. Your current A record is the GoDaddy forwarding server.
2021-12-19T07:15:03-08:00 JianHome synoscgi_SYNO.Core.Certificate_1_export[10950]: uploadsslca.cpp:433 Failed to clean up files
2021-12-19T07:16:02-08:00 JianHome synoscgi_SYNO.Core.Certificate.LetsEncrypt_1_renew[11482]: certificate.cpp:1663 handle le renew. [e3ZzzP]
2021-12-19T07:16:03-08:00 JianHome synoscgi_SYNO.Core.Certificate.LetsEncrypt_1_renew[11482]: certificate.cpp:1157 syno-letsencrypt failed. 104 [Error creating new order :: too many failed authorizations recently: see Rate Limits - Let's Encrypt]
2021-12-19T07:16:03-08:00 JianHome synoscgi_SYNO.Core.Certificate.LetsEncrypt_1_renew[11482]: certificate.cpp:1668 Failed to renew Let'sEncrypt certificate. [104][Error creating new order :: too many failed authorizations recently: see Rate Limits - Let's Encrypt]
2021-12-19T07:34:20-08:00 JianHome synoscgi_SYNO.Core.Certificate.LetsEncrypt_1_renew[18005]: certificate.cpp:1663 handle le renew. [e3ZzzP]
2021-12-19T07:34:21-08:00 JianHome synoscgi_SYNO.Core.Certificate.LetsEncrypt_1_renew[18005]: certificate.cpp:1157 syno-letsencrypt failed. 104 [Error creating new order :: too many failed authorizations recently: see Rate Limits - Let's Encrypt]
2021-12-19T07:34:21-08:00 JianHome synoscgi_SYNO.Core.Certificate.LetsEncrypt_1_renew[18005]: certificate.cpp:1668 Failed to renew Let'sEncrypt certificate. [104][Error creating new order :: too many failed authorizations recently: see Rate Limits - Let's Encrypt]
it's erroed too much so you got 300 new order in 3 hours. and as redirect is done on godaddy side and you don't give cert to it, just remove non www version and wait 3 hours
What, exactly, are you trying to accomplish with your domain mappings? Don't worry about the technical part for now. Just explain in simple words what specifically you want to happen.
So I have this wordpress blog hosted on my NAS which has its own domain name so I can access it externally. I also want to use a different domain name for the blog.
So the DNS record has a CNAME with the NAS domain name. I remembered the blog could be accessed with "www.magiklog.com" but not "magiklog.com". I think that is why I set up the forwarding rule of "magiklog.com" to "www.magiklog.com" in GoDaddy, which was about a year ago. And then everything just worked. And I've renewed the cert a few times before and I didn't run into any issues until today.