DSM 7.2.1 unable to update certificate, found the reason! #5044
Comments
|
Please upgrade to the latest code and try again first. Maybe it's already fixed. |
|
偶遇一只野生异次元😁 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
DSM 7.2.1 unable to update certificate, found the reason!
After updating to the latest acme.sh, it generates ECC certificates by default, and the path has the string "ecc" added, but deploy-hook synology-dsm does not seem to be compatible with this.
From my testing using ZeroSSL, the acme.sh script has actually successfully updated the ECC certificate, but deploy-hook synology-dsm uploaded the "original old RSA certificate" instead, resulting in the "expired certificate" issue after deployment.
After testing and adding the acme.sh --issue --keylength 2048 parameter, everything returned to normal.
DSM 7.2.1 无法更新证书,找到原因了!
更新到最新的 acme.sh,默认是生成 ecc 证书,路径上多了ecc字符串,但 deploy-hook synology-dsm 似乎没对此做兼容。
我实测使用的是 ZeroSSL,acme.sh 脚本实际上已成功更新了 ECC 证书,但 deploy-hook synology-dsm 却上传了「原有的旧的 rsa 证书」,导致部署后依然是“证书过期”。
实测增加 acme.sh --issue --keylength 2048 参数后,一切恢复正常。
The text was updated successfully, but these errors were encountered: