I let the Synology Diskstation manage the let's encrypt certificate (renewal etc.). I transfer this certificate to resilio to use it for the webgui.
My Approach (DSM 6.2.4-25556 Update 6):
Log into the diskstation with admin rights. As root, create a subfolder in the resilio settings folder:
sudo -i
cd /usr/local/resiliosync/var
root@xxx:/usr/local/resiliosync/var# mkdir certificate
root@xxx:/usr/local/resiliosync/var# chown rslsync:users certificate
root@xxx:/usr/local/resiliosync/var# chmod 700 certificate
Back up the config file sync.conf:
root@xxx:/usr/local/resiliosync/var# cp sync.conf sync.conf.bak
Edit the config file and insert after the part
... "webui":{"force_https": true
the following:
,"ssl_certificate":"/usr/local/resiliosync/var/certificate/cert.pem","ssl_private_key":"/usr/local/resiliosync/var/certificate/privkey.pem"
Now, in the control panel create a new cron job:
As user root, have the following script run regularly, e.g. daily. This will copy the certificate to the folder you created above. This is only necessary when the certificate is renewed, but it does no harm to do it daily.
cp /usr/syno/etc/certificate/system/default/cert.pem /usr/local/resiliosync/var/certificate/cert.pem
chown rslsync:users cert.pem
chmod 600 cert.pem
cp /usr/syno/etc/certificate/system/default/privkey.pem /usr/local/resiliosync/var/certificate/privkey.pem
chown rslsync:users privkey.pem
chmod 600 privkey.pem
Run the job once and check the certificate folder you created above to see whether the certificates have been copied.
Finally, restart Resilio Sync in the packet manager to let it know the new config file.
At the moment it seems to work well. YMMV