由于某些原因,使用LetsEncryp生成的证书似乎被最新的Synology DSM自动更新。
我尝试了CLI,但是失败了
sudo syno-letsencrypt renew-all -v DEBUG: [syno.example.com] is not a subdomain of [my-syno.synology.me] DEBUG: DDNS Curl: [https://ddns.synology.com/main.php?_=letsencrypt%2Fdelete&hostname=syno.example.com&myds_id=696423&auth_key=...&serial=1590MHN443201&txt=] DEBUG: GET Request: https://ddns.synology.com/main.php?_=letsencrypt%2Fdelete&hostname=syno.example.com&myds_id=696423&auth_key=...&serial=1590MHN443201&txt= DEBUG: Dns01 challenge: Teardown [{"code":"badparam"}]. DEBUG: DNS challenge failed, reason: { "error": 203, "msg": "Challenge setup is failed.", "file": "client.cpp:278"} DEBUG: Normal challenge failed, reason: { "error": 107, "msg": "syno.example.com: Could not connect to syno.example.com", "file": "client.cpp:315"} DEBUG: failed to open port 80. DEBUG: close port 80. DEBUG: Failed to renew /usr/syno/etc/certificate/_archive/8mSVmw/. { "error": 101, "msg": "failed to open port 80.", "file": "client.cpp:472"} 作为一个说明,我检查了“syno.example.com”的端口80是可以从外部访问,并正在加载网站。
我甚至在运行renew命令之前尝试停止Web Station,但似乎对执行更新命令没有影响。 ( /usr/syno/bin/synopkg stop WebStation )。
有一个有趣的说法是,一旦停止了Web Station,Synology决定将其redirect到5000/5001端口,而不是在80端口响应。