Has your Let’s Encrypt SSL certificate for the domain hosted on your Synology NAS nearly expired? No problem, your Synology with its powerful DSM operating system will make renewal really easy. No need for you to be an expert; any person can renew their SSL certificate for their domain in the few simple steps explained below. Before starting this operation you must do two very important things to avoid problems.
- Open port 80 and 443 in your router, both TCP/UDP.
- Change the DNS in your Synology. You can use Google DNS or CloudFlare DNS. I suggest CloudFlare DNS.
Port forwarding 80 and 443 on your router both TCP/UDP. Port 80 will allow visitors to visit your site, while port 443 will allow visitors to visit the site via SSL protocol. Port 5000 is the port of your DSM login, while port 5001 is the port of your DSM login in the https version / ssl. I own a D-Link router but most routers allow you to change these settings by directly typing 192.168.0.1 in your browser bar. Remember to include in the port forwarding the local ip of your Synology device that will be slightly different from the router. The instructions entered in your router should appear this way:
Remember to open the following ports on the “Port Forwarding” router. After having done so, save the settings.
Port 80 on TCP
Port 80 on UDP
Port 443 on TCP
Port 443 on UDP
Port 5000 on TCP
Port 5001 on UDP
Go to Control Panel / Security / Certificate and click right mouse button on the domain that is about to expire. Follow the instructions in the image below.
Click Renew Certificate. Follow the instructions in the image below.
Now you will be reminded to activate port 80 and 443 plus DNS. Click Apply. Follow the instructions in the image below.
After clicking Apply you have to wait approximately 30 seconds.
Your certificate for your domain name is now updated.
Do you experience an error when you try to renew your Let’s Encrypt SSL certificate on your Synology Nas like this one below?
Failed to connect to Let’s Encrypt. Please make sure the domain name is valid.
If you run too many services and domain names with subdomains on your Synology Nas, this error can happen, though it’s extremely rare. To solve this little problem just restart your Synology Nas and everything will work again without any issues. After restarting, you can try to update the certificate again on your domain without getting this error message.