From 456436855608030441714cf42c4eece971cbf078 Mon Sep 17 00:00:00 2001 From: rcork Date: Wed, 18 Oct 2017 21:13:19 -0700 Subject: [PATCH] Added header to certificate renewal instructions to separate it from the Alternate Method section and make it clear that it is needed regardless of which method you use. --- Synology-NAS-Guide.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Synology-NAS-Guide.md b/Synology-NAS-Guide.md index 736d969..5c4b79f 100644 --- a/Synology-NAS-Guide.md +++ b/Synology-NAS-Guide.md @@ -57,6 +57,8 @@ Please note that this will replace your Synology NAS system default certificate Now you can check the DSM control panel - Security - Certificates to see the nominated certificate has been replaced by letsencrypt one. You can now configure to use this one as default and assign to specific services, like vpn, sftp, etc. + +## Configuring Certificate Renewal To auto renew the certificates in the future, you need to configure the cronjob. However, acme.sh seems not properly add tasks to Synology crontab. You have to do this manually. Configure crontab for root @@ -68,7 +70,7 @@ For example, 10:00 am of the 2nd day every month run the cronjob to check if due 0 10 2 * * root /usr/local/share/acme.sh/acme.sh --cron --home /usr/local/share/acme.sh/ -The last step is to setup a schedule task to copy renewed certificates in cert library to system default directory and restart the Nginx service. +If using the alternate method from above, the last step is to setup a schedule task to copy renewed certificates in cert library to system default directory and restart the Nginx service. In DSM control panel, open the 'Task Scheduler' and create a new scheduled task for a user-defined script.