Oddbean new post about | logout
 Sorry, I meant LND, as configured by RaspiBolt. Alby Hub wants to validate the API ssl cert, but LND uses a fresh, self signed cert at startup. 

Change was to throw out most of this branch because the UI required a non-blank value, the use a tls.Config with certificate validation disabled. 

https://github.com/getAlby/hub/blob/d577be439b21e5fa68a82138de293fcd89e0f1c5/lnclient/lnd/wrapper/lnd.go#L53 
 and why did you not provide the certificate hex in the frontend? 
when LND is configured you can provide the address, macaroon and that certificate.  
 Maybe I'm doing it wrong? But the cert changes every time LND restarts. Is there a different, stable cert? 
 IIRC even the first one fails because it's self-signed. Maybe you've only tested with a public node that has a LetsEncrypt cert? 
 nope, many run it with LND and that's also how it works on Umbrel and Start9. 
If the certificate is provided then this is used to validate the connection.
The error handling might not be really good if an invalid certificate hex is provided. 
But I know many who use it successfully in a setup like you describe.  
 Hmm. I'll take a closer look then. Thanks 👍 
 thanks, I will also keep an eye on it. 
and let us know if you see such issues. (e.g. a Github issue)  
 hmm, afaik it should not change every time (otherwise none of the tools would work that work with LND). It only generates a new one if the old one is deleted. 
It expires after many months, that is true and in Alby Hub there is no update option, yet. But that's a long time.