i tried to generate Let’s Encrypt certificates for https remote access by DDNS but it doesn’t work. After pushing the Create button the screen shows 3 new certificates with status ‘Generating’
What’s wrong? Can i somehow log the process of generating the certificates to see what’s going wrong?
Also there is a problem with adding DNS servers at “Network → DNS → General” because the added servers cannot be saved. If i add 1 or more servers and push the “Save & Apply” button the screen does not show my added servers.
As @pwsh has advised, you can see download the troubleshoot file, and in system logs you will be able to see information why the device has failed to generate certificates.
You can also do this live, by connecting to the device via ssh, or go to the device’s CLI in System → Maintenantce, and run logread -f command after connecting to the router. On another browser tab you can open another WEBUI instance, and there generate the certificates, which in another tab you will be able to see live how the device is behaving when generating certificates.
You do also need a public IP, which is usually a Paid service to be obtained from your ISP provider.
Let’s Encrypt’s servers require that port 80 (HTTP) on your public IP be open and forwarded to the machine requesting the certificate. If another service is using that port or port forwarding is not set properly, the validation will fail, even if DDNS resolves correctly.
For the DNS server issue, can you try a different browser/incognito window. I would also like you to check logs when you try to save, to see why it fails.
