Thanks for the link!
I use a password to unlock the device anyway, so I’ve tried to add the Let’s Encrypt certificate to the personal store first, using just the GUI method. I’ve followed the steps from https://stoutner.com/lets-encrypt-isrg-root-x1-and-privacy-browser.
However, even after installing the certificate, there is no difference regarding Syncthing. Is the ISRG Root X1 certificate the right one, or does Syncthing need something else? If that’s the case, does anyone know which specific certificates are required by Syncthing?
I’ve just realised that the same problem is happening on yet another device. This one runs Android 7.1 (also by Samsung). In contrary to the first one, the other device is located in a different location, so direct connection is impossible. As the expired certificate prevents any relay connections, the device has been unable to connect at all (as QUIC isn’t working either for some reason, even though it is “listening”).
Does this mean that the expired certificate has rendered Syncthing on these older Android devices basically useless?