acmesh-official / acme.sh

A pure Unix shell script implementing ACME client protocol
https://acme.sh
GNU General Public License v3.0

Curl Error 18 on deploy-hook for synology dsm #3215

Open netjrllc opened 3 years ago

netjrllc commented 3 years ago

Here is my script for adding certs to Synology DSM:

```sh
sudo su
cd ~
wget https://github.com/acmesh-official/acme.sh/archive/master.tar.gz
tar xvf master.tar.gz
cd acme.sh-master/
./acme.sh --install --nocron --home /usr/local/share/acme.sh --accountemail "xxxxxxxxxxx@xxx.xxx"
source ~/.profile
export CF_Key="###########"
export CF_Account_ID="###########"
export CF_Email="xxxxxxxxxxx@xxx.xxx"
cd /usr/local/share/acme.sh
export CERT_DOMAIN="*.xxx.example.com"
export CERT_DNS="dns_cf"

# Single quotes prevent some escaping issues if your password or username contains certain special characters
export SYNO_Username="acmecertadmin"
export SYNO_Password="xxxxxxxxxx"
export SYNO_Port="####" # Port of DSM WebUI, defaults to 5000 for HTTP and 5001 for HTTPS
export SYNO_DID="xxxxxxxxxxxxxxxxxxxxxxxx"
export HTTPS_INSECURE=1

# You must specify SYNO_Certificate, for the default certificate, we use an empty string
export SYNO_Certificate=""
./acme.sh --issue -d "$CERT_DOMAIN" --dns "$CERT_DNS"
cd /usr/local/share/acme.sh
SYNO_Create=1 ./acme.sh --deploy -d "$CERT_DOMAIN" --deploy-hook synology_dsm
```

Here is the output that I get:

```
ash-4.3# SYNO_Create=1 ./acme.sh --deploy -d "$CERT_DOMAIN" --deploy-hook synology_dsm
[Sun Oct 11 13:31:34 -05 2020] Logging into localhost:3939
[Sun Oct 11 13:31:36 -05 2020] Getting certificates in Synology DSM
[Sun Oct 11 13:31:36 -05 2020] Generate form POST request
[Sun Oct 11 13:31:36 -05 2020] Upload certificate to the Synology DSM
[Sun Oct 11 13:31:36 -05 2020] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 18
[Sun Oct 11 13:31:36 -05 2020] Unable to update certificate, error code {"error":{"code":105},"success":false}
[Sun Oct 11 13:31:36 -05 2020] Error deploy for domain:*.kgvb.kannergroupvero.com
[Sun Oct 11 13:31:36 -05 2020] Deploy error.
```

I looked up code 18 at the link provided, but it does not seem to give any troubleshooting steps besides saying that the payload is an unexpected size.

Any ideas on how to resolve this?

User is not root and is similar to how Markus Lippert chose "mycertadmin" and added restrictions on it. Port is a custom one and not the default 5000/5001.
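
An added example, not part of the original post or of acme.sh: the log above carries two separate error codes, a curl exit code and a DSM Web API error code, and this script extracts and names each, and also reports when `HTTPS_INSECURE` has turned off certificate verification. The function names are hypothetical; the code meanings are taken from the libcurl and Synology Web API common error lists.

```shell
#!/bin/sh
# Added example: triage the two error codes in an acme.sh synology_dsm deploy log.

# curl exit codes (subset of the libcurl error list the log links to).
curl_meaning() {
  case "$1" in
    7)  echo "could not connect to host" ;;
    18) echo "CURLE_PARTIAL_FILE, transfer shorter or larger than expected" ;;
    35) echo "TLS handshake failed" ;;
    60) echo "server certificate could not be verified" ;;
    *)  echo "see the libcurl error list" ;;
  esac
}

# DSM Web API common error codes (subset).
dsm_meaning() {
  case "$1" in
    105) echo "logged-in session does not have permission" ;;
    106) echo "session timeout" ;;
    107) echo "session interrupted by duplicate login" ;;
    *)   echo "see the DSM Web API error list" ;;
  esac
}

# Read a log on stdin; print the first curl exit code, if any.
curl_code() { sed -n 's/.*for error code: \([0-9][0-9]*\).*/\1/p' | head -n 1; }

# Read a log on stdin; print the first DSM API error code, if any.
dsm_code() { sed -n 's/.*"error":{"code":\([0-9][0-9]*\)}.*/\1/p' | head -n 1; }

# Report both codes, plus whether certificate checking is disabled.
triage() {
  log=$(cat)
  c=$(printf '%s\n' "$log" | curl_code)
  d=$(printf '%s\n' "$log" | dsm_code)
  if [ -n "$c" ]; then echo "curl exit $c: $(curl_meaning "$c")"; fi
  if [ -n "$d" ]; then echo "DSM API error $d: $(dsm_meaning "$d")"; fi
  if [ -n "${HTTPS_INSECURE:-}" ]; then
    echo "HTTPS_INSECURE is set: acme.sh skips TLS certificate verification"
  fi
  return 0
}

# Two lines copied from the log in the issue above.
SAMPLE_LOG='[Sun Oct 11 13:31:36 -05 2020] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 18
[Sun Oct 11 13:31:36 -05 2020] Unable to update certificate, error code {"error":{"code":105},"success":false}'

printf '%s\n' "$SAMPLE_LOG" | triage
```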

tresni commented 3 years ago

Are you still having an issue? If so, can you post updated information in #2727? I don't normally see any reports outside of that thread.

netjrllc commented 3 years ago

No, I was able to fix it. If I remember right, a value needed to be set to 1. I don’t have the code in front of me, but I can confirm exactly what it was if you’d like?

Best,

Todd Fennell Jr.

Engineering & IT Consultant NetJr Consulting, LLC Cell: (772)-202-2189 Email: todd.fennell@netjrllc.com


tresni commented 3 years ago

No need, I know there were issues like that in the past that I believe we have corrected.

Diplo95 commented 3 years ago

Hi, I have this error when attempting to deploy my certificate. Could you give your solution please?

netjrllc commented 3 years ago

Hello,

I would probably need to see all of your code (obviously black out any personal passwords/info).

If I remember correctly, the code needed to add SYNO_CREATE=1

Or something like that as a line item

Best,

Todd Fennell Jr.


Diplo95 commented 3 years ago

Thx for the quick reply, here you can see all my variables:

[screenshot: Capture d’écran 2021-04-08 161559]

As you can see, I already have Syno_create="1"

Which other data do you need?

Diplo95 commented 3 years ago

Is "export HTTPS_INSECURE=1" compulsory? I don't have this one.

netjrllc commented 3 years ago

Many of those variables are as I only have about half of the variables you do. When I get to my machine, I will send you my code and you can try that.

Best,

Todd Fennell Jr.


Diplo95 commented 3 years ago

I tried it and it worked. So, I don't know what "HTTPS_INSECURE=1" stands for, but it did the job for me.

Thanks

netjrllc commented 3 years ago

Hmm, that’s strange. Good to know in case I run into an issue in the future. I don’t have nearly as many variables declared. It may be because you don’t already have a valid cert, so telling it to use insecure https might tell it to bypass something it was getting hung on in the TLS handshake with your DNS provider.

That’s just a guess though. I haven’t seen the documentation on that variable specifically. Thanks for the heads up though!

Best,

Todd Fennell Jr.
