LE Certificate renew

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

Markster

Senior Member
I am wondering if Synology Lets Encrypt certificate is auto renew. If so, how technically is it implemented on Synology. What is the script name that is executed when that happens?
 

hshah

Occasional Visitor
I am wondering if Synology Lets Encrypt certificate is auto renew. If so, how technically is it implemented on Synology. What is the script name that is executed when that happens?

I believe the script you are looking for is:
Code:
/usr/syno/sbin/syno-letsencrypt


Code:
syno-letsencrypt <command> [<args>]
  new-cert
      -d [domains]   Domain name to be registed. (required)
      -m [mail]      Email address for contact. (required)
      -s [server]    Let's encrypt directory URL. (optional)
      -c [certid]    Certificat Id. (optional)
      -p [version]   ACME version, should use with -s (optional)

  renew-all

  revoke
     -c [cert-path]  revoke a certificat. (required)

For all command, you can add the following arguments for debug.
      -v             Show debug message.
      -vv            Show more debug message.


The following will renew your certificates:
Code:
sudo syno-letsencrypt renew-all


Note: I believe you need port 80 and 443 open/forwarded to your NAS for auto-renewal to work.

You can find details of the auto-renew being run via cron in:
Code:
/var/log/synocrond-execute.log
 
Last edited:

Markster

Senior Member
For anyone that has a need to use Lets Encrypt certificates I highly recommend to install acme.sh.
With acme.sh you have a full control to manage your certificate generation and renewal. In my case I use acme.sh to generate proper certificate for both, my NAS and for Plex server. I have been using it for many months now without issues. acme.sh
 

L&LD

Part of the Furniture
@Markster where is your how-to? :)

You're the 'pro' in this area now.
 

Markster

Senior Member
I will post the guide @L&LD sometime next week. I can tell from this forum forum and Merlin that this will be something benefitial to the community. Although, it is for NAS I think it maybe used on Asus Merlin as well since acme.sh is pure shell based and does not require root permissions to run.
 
Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top