Can i obtain a SSL certificate for a server with dynamic IP / DNS / DynDNS address? What about synology.me, myqnapcloud.com, dyndns.org subdomains?

Yes, it is possible to obtain a SSL certificate for dynamic IP based servers. For mail authentication you need a proper "MX" DNS entry. Please choose "HTTP" type authentication during CSR placement for servers with <subdomain>.synology.me, <subdomain>.dyndns.org or <subdomain>.myqnapcloud.com domain, as authentication emails won't be processed by synology.me. If you are running your synology disk station with your own domain, you can of course also use email validation.


Unfortunately, the CAs had recently been uncooperative on issuing SSL certificates for dyndns.org subdomains. We therefore cannot recommend customers to order a SSL for such domains. Other dynamic DNS providers have not been affected so far.

In general:

Dynamic DNS with your own domain => Email validation:
For validating your SSL certificate via Email you need a valid MX entry for your domain or at least a valid email forwarder with your domain registrar. Allowed Emails are admin@, administrator@webmaster@root@, postmaster@. For validating .com/.net/.org you can also choose the email address from the WHOIS entry of your domain. Please be aware that this option is not available for some domain suffixes (e.g. .de, .at). The certificate authority will send an email with validation link that you will have to approve. Without approval the SSL cannot be issued!

Dynamic DNS subdomain (synlology.me, myqnapclud.com) => HTTP validation:
For servers on <subdomain>.synology.me, <subdomain>.myqnapcloud.com or <subdomain>.dyndns.org etc. please choose "HTTP" validation while placing your CSR. In this case the email validation won't be possible because emails sent to qnap, synology etc. won't ever be forwarded to you. - Of course you can use email validation if your synology diskstation is running on your own domain and can receive validation emails on root@, administrator@, ... 


Please find further details regarding SSL installation in the Synology knowledge base: https://www.synology.com/en-us/knowledgebase/DSM/tutorial/General/How_to_enable_HTTPS_and_create_a_certificate_signing_request_on_your_Synology_NAS

Was this answer helpful?

 Print this Article

Also Read

DNS Auth / DNS validation via CNAME

For DNS validation a CNAME entry has to be added in your domains DNS settings.You can use the...

What is PRE-SIGN FAILED? What is a CAA record? - DNS Certification Authority Authorization (CAA) Resource Record

The Certification Authority Authorization (CAA) DNS Resource Record allows a DNS domain name...

Microsoft Exchange server: which SSL to use? What about autodiscover. subdomain?

Symptom: internal access is working properly, but accessing with Outlook from remote locations is...

Requesting SSL certificates and SSL installation for all-inkl.com customers

All-inkl.com enables customers to install InterSSL certificates. You can find a tutorial here...

SECTIGO / COMODO CA Status

SECITGO Status:http://sectigo.status.io/ORDER...