Just got a qnap today and try to install letsencrypt certificate, but got the same problem.
The problem not from the software, but because my ISP is block port 80, so I have 2 options
1. call ISP to unblock port 80, then the script will work as it should.
2. find another way to install.
I choose 2. because I also don't want to open port 80 to public.
I follow all the above posts but none of them got success
Then I search how letsencrypt can issue without open port 80, then I found this post: https://community.letsencrypt.org/t/how ... 80/36192/6
whatever client you use must do one of three things to validate control over your hostname:
[*] It must respond appropriately to a request for http://$HOSTNAME/.well-known/acme-challenge/..
[*] It must respond appropriately (i.e., with an appropriate self-signed TLS certificate) to https://$HOSTNAME
[*] It must (or, alternatively, you must manually) change your DNS records to add a specified TXT record.
So only "https" is my only one chance because I can not do anything with QNAPcloud DNS and if the http worked I no need to find another way here.How to install letsencrypt by validate with https on QTS4.3.x
1. ssh to qnap with your admin user
2. type these command
Code: Select all
ln -s /mnt/ext/opt/QcloudSSLCertificate/cert/.well-known /home/httpd/
sed -ie 's/default="http"/default="https"/' acme_tiny.py
cp acme_tiny.py acme_tiny.py.bak
3. Configure SSL through "System>Security>Certificate & Private Key" and click Replace Certificate, then select Let's Encrypt, input your qnap domain name and if you have your own domain name put it in alternative names.
4. **remember if you update the QTS SSL certificate utility to new version, you have to fix the acme_tiny.py again with this command vis ssh
Code: Select all
sed -ie 's/default="http"/default="https"/' /mnt/ext/opt/QcloudSSLCertificate/bin/acme-tiny/acme_tiny.py