So, I have my own little relay server running and i use “Let’s Encrypt” certificates to secure it. These are invalid after some time, so they are automatically renewed and the relayserver restarted.
But, this changes the id, and since it have to provide the ID on all nodes, that is kind of frustrating. So, is there a way to mage my syncthing nodes connect with the relaysrv with some other method, than providing the ID?
id is optional and only needed if you want to do certificate pinning.
Ah, I see. So it isn’t required. Anyone who knows the URI of the relay server can use it. There is no requirement for access like passing the ID ?
The id is used for certificate pinning, to validate that the destination is what it claims to be, and nobody is performing man in the middle attack.
The attack is not very useful as the traffic between users is encrypted anyway so man in the middle is not very useful.
There are no benefit of using letsencrypt certs fot that because we don’t rely on certificate validity for relays anyway, we either use pinning by id, or just outright trust it.