Info You need a current cert for that? O my!

Currently reading
Info You need a current cert for that? O my!

4,147
1,428
NAS
DS4l8play, DS202j, DS3623xs+, DSM 8.025847-𝘣𝘦𝘵𝘢
My email provider/ISP (Spectrum) has this nasty habit of disallowing uses to send email. I've never found an app to get around this. When I do I get an IP error, about some reverse DNS authentication... whatever that is.

So the few times I need to send an email from my phone, I connect to my VPN server, and out go the emails, except...

This past weekend I was out of town, and needed to respond quickly to some incoming email messages. After connecting to the VPN server, I discovered I was without any internet access... and I was two days from reaching home to sort all this out... a major suck.

Now back at the local LAN ranch, it appears that a recent update of my LE cert is the culprit. How did I miss that? So now... every 3 months, update LE, then update OPVN? Seems so. Or did I misunderstand my mess?
 
Last edited:
Had a look on my VPN Server setup, which is a backup option for VPN Plus. From my phone, I was able to connect back in via a mobile data session.

Last time I changed these OpenVPN settings and made a new ovpn was last March. The VPN Server certificate is set to be my default LE, which has the OpenVPN server name included in the certificate’s SAN.

I do keep a second VPN type as backup in case my preferred stops working. Also I have OpenVPN UDP to the router and port forward OpenVPN TCP to the NAS.

edit:

Had a recent renewal either fail or not happen. But manually renewed and was ok. This was a certificate I use for Web Station virtual hosts, so less visible when this happened. I noticed that all the other certificates are now issued by R3 but I think I remember that one (this?) wasn’t prior to the manual renewal.
 
Or did I misunderstand my mess?
I agree. As much as any other service using a LE cert does continue to work without any problems after a fresh renewal, from time to time, the VPN package does have problems in terms of connecting to it. One restart of the service and that is that. Not always but happens.
 
I agree. As much as any other service using a LE cert does continue to work without any problems after a fresh renewal, from time to time, the VPN package does have problems in terms of connecting to it. One restart of the service and that is that. Not always but happens.
Thanks for the confirmation. This was quite frustrating, and I don't recall ever having to regenerate opvn files following a cert renewal.
 
from time to time, the VPN package does have problems in terms of connecting to it. One restart of the service and that is that.
This rings a bell. It happened to me a couple of times so far. I think it times out while trying to connect. Restarting the VPN package solved it IIRC.
Not sure why. Maybe it’s the above, but I don’t think it happened right after LE renewal. It was random (I think). It’s like if suddenly it decided it had enough.

Anyways, I ended up installing the VPN package on another DS (to have two DiskStations providing OpenVPN services) on the same LAN just in case.

A bug (maybe)!
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Back
Top