Hello,
I am new to Syncthing and have some questions about the certificates which are generated upon installation. It seems like my certificates are not matching the description of the certificate shown in the documentation. Maybe I am not understanding things correctly and you guys could help me out.
I have installed syncthing on my Raspberry Pi 3 which runs Raspbian Jessie.
-
The cert.pem contains a public key which is generated via ecdsa and issued by syncthing. In the documentation it is written that this key should be generated via RSA. I searched through the forums if maybe something has changed and read that the Global Discovery-Servers changed from RSA to ECDSA. Is this the reason why the cert.pem is now using id-ecPublicKey as the Public Key Algorithm?
-
I also found another certificate which is named https-cert.pem. This certificate is issued by my own Raspberry and contains a public key which is generated via RSA. My problem though is that the public key is only 2048 bits long. What is this certificate for?
-
Also I would like to know why the validity of certificates is around 32 years and what happens if they run out?
I hope somebody could help me out here.