What's new

LE Certificate renew

  • Thread starter Deleted member 62525
  • Start date
  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

D

Deleted member 62525

Guest
I am wondering if Synology Lets Encrypt certificate is auto renew. If so, how technically is it implemented on Synology. What is the script name that is executed when that happens?
 
I am wondering if Synology Lets Encrypt certificate is auto renew. If so, how technically is it implemented on Synology. What is the script name that is executed when that happens?

I believe the script you are looking for is:
Code:
/usr/syno/sbin/syno-letsencrypt


Code:
syno-letsencrypt <command> [<args>]
  new-cert
      -d [domains]   Domain name to be registed. (required)
      -m [mail]      Email address for contact. (required)
      -s [server]    Let's encrypt directory URL. (optional)
      -c [certid]    Certificat Id. (optional)
      -p [version]   ACME version, should use with -s (optional)

  renew-all

  revoke
     -c [cert-path]  revoke a certificat. (required)

For all command, you can add the following arguments for debug.
      -v             Show debug message.
      -vv            Show more debug message.


The following will renew your certificates:
Code:
sudo syno-letsencrypt renew-all


Note: I believe you need port 80 and 443 open/forwarded to your NAS for auto-renewal to work.

You can find details of the auto-renew being run via cron in:
Code:
/var/log/synocrond-execute.log
 
Last edited:
For anyone that has a need to use Lets Encrypt certificates I highly recommend to install acme.sh.
With acme.sh you have a full control to manage your certificate generation and renewal. In my case I use acme.sh to generate proper certificate for both, my NAS and for Plex server. I have been using it for many months now without issues. acme.sh
 
@Markster where is your how-to? :)

You're the 'pro' in this area now.
 
I will post the guide @L&LD sometime next week. I can tell from this forum forum and Merlin that this will be something benefitial to the community. Although, it is for NAS I think it maybe used on Asus Merlin as well since acme.sh is pure shell based and does not require root permissions to run.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top