os-acme-client automation: Upload certificate to Synology DSM: "Unable to authenticate"

[smreka]

Trying to do automation to upload certificate to DSM but get authentication error.
I created a new account with no 2FA just to exclude that.
Credentials are correct.
Replaced private info with placeholders in logs below.

DSM 7.1-42661 Update 1
OPNsense 22.1.8_1-amd64
FreeBSD 13.0-STABLE
OpenSSL 1.1.1o 3 May 2022
os-acme-client v3.11
acme.sh v3.0.4

2022-06-12T21:03:28	acme.sh	[Sun Jun 12 21:03:28 CEST 2022] Deploy error.
2022-06-12T21:03:28	acme.sh	[Sun Jun 12 21:03:28 CEST 2022] Error deploy for domain:hide.com
2022-06-12T21:03:28	acme.sh	[Sun Jun 12 21:03:28 CEST 2022] If two-factor authentication is enabled for the user, set SYNO_TOTP_SECRET.
2022-06-12T21:03:28	acme.sh	[Sun Jun 12 21:03:28 CEST 2022] Check your username and password.
2022-06-12T21:03:28	acme.sh	[Sun Jun 12 21:03:28 CEST 2022] Unable to authenticate to IP:PORT using https.
2022-06-12T21:03:28	acme.sh	[Sun Jun 12 21:03:28 CEST 2022] token
2022-06-12T21:03:28	acme.sh	[Sun Jun 12 21:03:28 CEST 2022] _ret='60'
2022-06-12T21:03:28	acme.sh	[Sun Jun 12 21:03:28 CEST 2022] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 60
2022-06-12T21:03:28	acme.sh	[Sun Jun 12 21:03:28 CEST 2022] _CURL='curl --silent --dump-header /var/etc/acme-client/home/http.header -L '
2022-06-12T21:03:28	acme.sh	[Sun Jun 12 21:03:28 CEST 2022] _post_url='https://IP:PORT/webapi/auth.cgi?enable_syno_token=yes'
2022-06-12T21:03:28	acme.sh	[Sun Jun 12 21:03:28 CEST 2022] POST
2022-06-12T21:03:28	acme.sh	[Sun Jun 12 21:03:28 CEST 2022] Logging into IP:PORT
2022-06-12T21:03:28	acme.sh	[Sun Jun 12 21:03:28 CEST 2022] ret='60'
2022-06-12T21:03:28	acme.sh	[Sun Jun 12 21:03:28 CEST 2022] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 60
2022-06-12T21:03:28	acme.sh	[Sun Jun 12 21:03:28 CEST 2022] _CURL='curl --silent --dump-header /var/etc/acme-client/home/http.header -L '
2022-06-12T21:03:28	acme.sh	[Sun Jun 12 21:03:28 CEST 2022] timeout=
2022-06-12T21:03:28	acme.sh	[Sun Jun 12 21:03:28 CEST 2022] url='https://IP:PORT/webapi/query.cgi?api=SYNO.API.Info&version=1&method=query&query=SYNO.API.Auth'
2022-06-12T21:03:28	acme.sh	[Sun Jun 12 21:03:28 CEST 2022] GET
2022-06-12T21:03:28	acme.sh	[Sun Jun 12 21:03:28 CEST 2022] Getting API version
2022-06-12T21:03:28	acme.sh	[Sun Jun 12 21:03:28 CEST 2022] _base_url='https://IP:PORT'
2022-06-12T21:03:28	acme.sh	[Sun Jun 12 21:03:28 CEST 2022] SYNO_Certificate='OPNsense ACME cert 623754c18cb372.51023685'
2022-06-12T21:03:27	acme.sh	[Sun Jun 12 21:03:27 CEST 2022] _cdomain='hide.com'
2022-06-12T21:03:27	acme.sh	[Sun Jun 12 21:03:27 CEST 2022] _deployApi='/usr/local/share/examples/acme.sh/deploy/synology_dsm.sh'
2022-06-12T21:03:27	acme.sh	[Sun Jun 12 21:03:27 CEST 2022] DOMAIN_PATH='/var/etc/acme-client/home/hide.com'
2022-06-12T21:03:27	acme.sh	[Sun Jun 12 21:03:27 CEST 2022] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
2022-06-12T21:03:27	acme.sh	[Sun Jun 12 21:03:27 CEST 2022] Using config home:/var/etc/acme-client/home
2022-06-12T21:03:27	acme.sh	[Sun Jun 12 21:03:27 CEST 2022] Running cmd: deploy
2022-06-12T21:03:27	acme.sh	[Sun Jun 12 21:03:27 CEST 2022] Using server: letsencrypt

[OPNsense-bot]

Thank you for creating an issue.
Since the ticket doesn't seem to be using one of our templates, we're marking this issue as low priority until further notice.

For more information about the policies for this repository,
please read https://github.com/opnsense/plugins/blob/master/CONTRIBUTING.md for further details.

The easiest option to gain traction is to close this ticket and open a new one using one of our templates.

[fraenki]

acme.sh [Sun Jun 12 21:03:28 CEST 2022] Unable to authenticate to IP:PORT using https.

Something similar was reported in #2889. Please try to set Scheme to http (not https) in automations.