| 07 December 2009
WeeChat has new options added to its SSL certificates methods thanks to a user submitted patch, the changes now provide stricter checking of certificates and there validity so using services such as the ones OFTC provide for nick identification. Flashcode the WeeChat author provided some examples of how the new options can be useful to users see his post here and below is a quote from the original article:
New options have been added to check SSL certificates when connecting to IRC servers, thanks to kolter's patch:
- weechat.network.gnutls_ca_file: path to file with certificate authorities (by default: "%h/ssl/CAs.pem")
- irc.server.xxx.ssl_cert: ssl certificate file used to automatically identify your nick (CertFP on oftc for example, see below)
- irc.server.xxx.ssl_dhkey_size: replaces old option weechat.network.gnutls_dh_prime_bitsmax_lines, new default value is 2048 (safer than old default value which was 512)
- irc.server.xxx.ssl_verify: check that the ssl connection is fully trusted (on by default)
Please note that ssl_verify is on by default, so verification is now stricter, and may fail even if it was ok with previous versions of WeeChat.
![Reblog this post [with Zemanta]](http://img.zemanta.com/reblog_c.png?x-id=f1ef89a7-dc2e-4382-bb0d-b6f252f8405c)
Related Articles
| < Prev | Next > |
|---|
