I know that we have talked wildcard certs to death, but it's spread over several threads, and wildcard advice is mixed in with non-wildcard advice, etc. So, with my head hanging in shame, I am renewing this yet again:
I have my own domain name, and was able to use Zerossl to generate a 90 day wildcard letsencrypt cert, and install it on my Synology.
I have access to my DNS settings, and was able to enter the _acme-challenge TXT entry required to generate the wildcard cert in the first place - the entry is still there, but I assume it would need to be different for each renewal.
The cert is going to come up for renewal soon, and Zerossl has in the meantime switched to a fee-based model, and the fees are ridiculous. So my plan to renew using zerossl has been shot to hell.
I don't think the Synology is going to be able to renew it on its own, without user intervention, but please let me know if you think I'm wrong about that.
Assuming I'm right about that, and I have server.csr and server.key files, what is the easiest (free) way to renew my non-synology, wildcard cert?
I tried to run certbot on the Synology, without success; apparently there are a number of dependencies I would need to address.
I looked at certbot for Docker, but it's not clear to me that it can do wildcard certs for the Synology without, again, other dependencies addressed.
So what's my best course, and is there a Synology-specific tutorial somewhere for it?
I have my own domain name, and was able to use Zerossl to generate a 90 day wildcard letsencrypt cert, and install it on my Synology.
I have access to my DNS settings, and was able to enter the _acme-challenge TXT entry required to generate the wildcard cert in the first place - the entry is still there, but I assume it would need to be different for each renewal.
The cert is going to come up for renewal soon, and Zerossl has in the meantime switched to a fee-based model, and the fees are ridiculous. So my plan to renew using zerossl has been shot to hell.
I don't think the Synology is going to be able to renew it on its own, without user intervention, but please let me know if you think I'm wrong about that.
Assuming I'm right about that, and I have server.csr and server.key files, what is the easiest (free) way to renew my non-synology, wildcard cert?
I tried to run certbot on the Synology, without success; apparently there are a number of dependencies I would need to address.
I looked at certbot for Docker, but it's not clear to me that it can do wildcard certs for the Synology without, again, other dependencies addressed.
So what's my best course, and is there a Synology-specific tutorial somewhere for it?