New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow to specify ca certificates per network #438

Open
tyll opened this Issue Jun 8, 2015 · 7 comments

Comments

Projects
None yet
8 participants
@tyll

tyll commented Jun 8, 2015

I would like to connect to the hackint IRC network via TLS. They use their own root CA which I would like to specify only for the hackint network: http://hackint.eu/
However this does not seem to be possible, since there seems to be only a globel CA certificate setting. But setting it to the hackint CA would break accessing the Freenote IRC network. Therefore please allow to set the CA per IRC network additionally to the global default setting.

@Mikaela

This comment has been minimized.

Show comment
Hide comment
@Mikaela

Mikaela Jun 8, 2015

Contributor

ZNC has similar issue znc/znc#909 and on ZNC side it's know that there are more networks having their own root CA. I thought that issue mentioned them, but it doesn't seem to and I remember at least two other names in addition to hackint:

  • OFTC
  • EUnetIRC (or something similar)
Contributor

Mikaela commented Jun 8, 2015

ZNC has similar issue znc/znc#909 and on ZNC side it's know that there are more networks having their own root CA. I thought that issue mentioned them, but it doesn't seem to and I remember at least two other names in addition to hackint:

  • OFTC
  • EUnetIRC (or something similar)
@stfnm

This comment has been minimized.

Show comment
Hide comment
@stfnm

stfnm Jun 8, 2015

Contributor

👍 I'd like this too.

Contributor

stfnm commented Jun 8, 2015

👍 I'd like this too.

@flokli

This comment has been minimized.

Show comment
Hide comment
@flokli

flokli commented Jul 22, 2015

+1

@ghost

This comment has been minimized.

Show comment
Hide comment
@ghost

ghost Sep 7, 2015

can confirm this and would like to see a point in the future where one can set per network root ca files

ghost commented Sep 7, 2015

can confirm this and would like to see a point in the future where one can set per network root ca files

@monkz

This comment has been minimized.

Show comment
Hide comment
@monkz

monkz Jun 28, 2017

Work around is:

wget https://hackint.eu/crt/rootca.crt
cat rootca.crt /etc/ssl/certs/ca-certificates.crt > weechat-rootca.crt

And inside weechat
/set weechat.network.gnutls_ca_file PATH/TO/weechat-rootca.crt
Please remember: This allows the owner of the HackInt CA to sign certificates for other networks! So it is far from ideal!

monkz commented Jun 28, 2017

Work around is:

wget https://hackint.eu/crt/rootca.crt
cat rootca.crt /etc/ssl/certs/ca-certificates.crt > weechat-rootca.crt

And inside weechat
/set weechat.network.gnutls_ca_file PATH/TO/weechat-rootca.crt
Please remember: This allows the owner of the HackInt CA to sign certificates for other networks! So it is far from ideal!

@shibumi

This comment has been minimized.

Show comment
Hide comment
@shibumi

shibumi Jul 16, 2018

any update on this issue?

shibumi commented Jul 16, 2018

any update on this issue?

@weechatter

This comment has been minimized.

Show comment
Hide comment
@weechatter

weechatter Jul 17, 2018

Contributor

no

Contributor

weechatter commented Jul 17, 2018

no

sim642 added a commit to sim642/weechat that referenced this issue Sep 14, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment