Use certbot to create a wildcard certificat with DNS challenge
DOMAIN="example.com"
sudo certbot certonly --manual --manual-public-ip-logging-ok --preferred-challenges dns-01 --server https://acme-v02.api.letsencrypt.org/directory -d "*.$DOMAIN"
Follow the instructions on the console and create the DNS TXT record.
Copy the generated files to a working directory
sudo cp /etc/letsencrypt/live/$DOMAIN/{fullchain.pem,privkey.pem} ~/Desktop
Change ownership to current user
sudo chown $USER ~/Desktop/*.pem
In Synology DSM, add new certificate, replace certificate and choose the expired certificate.
Use fullchain.pem
as certificate and privkey.pem
as private key file.