Hi, I’m attempting to setup and use a private discovery server.
The discovery server:
- Has a proper (private-)CA-signed certificate.
- Runs on HTTP, behind Haproxy.
- In the proxy, I’m appending the X-SSL-Cert, X-Forwarded-For, and X-Client-Port headers.
But it appears as if syncthing is not sending any client certificate (determined by monitoring the proxy’s output). If I send one manually with curl, the “no certificates” message on the discovery server’s debug log ceases appearing. As far as I can tell, the server runs fine.
Is there a special way that I need to declare the server’s url in the syncthing settings? I have it as https://stds.home --is the format correct?
Any insights? Or code location for the discovery process and the client certificate attachment?