I created 2 self signed certificates using the following command:
openssl req -x509 -newkey rsa:2048 -keyout c:\temp\key.pem -out c:\temp\cert.pem -days 365 -nodes
When I try to sync - I get the following error:
Bad certificate from P00434 at10.2.8.2:53534-10.2.11.23:22000/tcp-client/TLS1.3-TLS_AES_128_GCM_SHA256:x509: certificate is not valid for any names, but wanted to match syncthing
Is there anything obvious that I have done wrong? I set the certName it is the same.
I deleted the config and restarted to be sure the config used the cert. (key.pem and cert.pem)
Effectively the error is saying that the certName in the config does not match what’s in the certificate.
If the certificate has SAN extension, it will not use commonName, it will use the SAN entries.