Created
March 6, 2011 02:01
-
-
Save mattikus/856946 to your computer and use it in GitHub Desktop.
two attempts to connect to freenode with weechat-git
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 19:45:09 freenode | irc: reconnecting to server... | |
| 19:45:09 freenode | irc: connecting to server chat.us.freenode.net/7070 (SSL)... | |
| 19:45:09 freenode | gnutls: connected using 1024-bit Diffie-Hellman shared secret exchange | |
| 19:45:09 freenode =!= | gnutls: peer's certificate is NOT trusted | |
| 19:45:09 freenode =!= | gnutls: peer's certificate issuer is unknown | |
| 19:45:09 freenode | gnutls: receiving 2 certificates | |
| 19:45:09 freenode | - certificate[1] info: | |
| 19:45:09 freenode | - subject `OU=Domain Control Validated,OU=Gandi Standard Wildcard SSL,CN=*.freenode.net', issuer `C=FR,O=GANDI SAS,CN=Gandi Standard SSL CA', RSA key 2048 bits, signed using | |
| | RSA-SHA1, activated `2011-01-14 00:00:00 UTC', expires `2012-01-14 23:59:59 UTC', SHA-1 fingerprint `acd50e69ad93f5db08fefb67180d871415858664' | |
| 19:45:09 freenode | - certificate[2] info: | |
| 19:45:09 freenode | - subject `C=FR,O=GANDI SAS,CN=Gandi Standard SSL CA', issuer `C=US,ST=UT,L=Salt Lake City,O=The USERTRUST Network,OU=http://www.usertrust.com,CN=UTN-USERFirst-Hardware', RSA | |
| | key 2048 bits, signed using RSA-SHA1, activated `2008-10-23 00:00:00 UTC', expires `2020-05-30 10:48:38 UTC', SHA-1 fingerprint `a9f79883a075ce82d20d274d1368e876140d33b3' | |
| 19:45:09 freenode =!= | gnutls: the hostname in the certificate does NOT match "chat.us.freenode.net" | |
| 19:45:09 freenode =!= | irc: TLS handshake failed | |
| 19:45:09 freenode =!= | irc: error: Error in the certificate. | |
| 19:45:09 freenode | irc: reconnecting to server in 40 seconds |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 19:51:34 chat.freenode.net | irc: connecting to server chat.freenode.net/7000 (SSL)... | |
| 19:51:35 chat.freenode.net | gnutls: connected using 2048-bit Diffie-Hellman shared secret exchange | |
| 19:51:35 chat.freenode.net =!= | gnutls: peer's certificate is NOT trusted | |
| 19:51:35 chat.freenode.net =!= | gnutls: peer's certificate issuer is unknown | |
| 19:51:35 chat.freenode.net | gnutls: receiving 2 certificates | |
| 19:51:35 chat.freenode.net | - certificate[1] info: | |
| 19:51:35 chat.freenode.net | - subject `OU=Domain Control Validated,OU=Gandi Standard Wildcard SSL,CN=*.freenode.net', issuer `C=FR,O=GANDI SAS,CN=Gandi Standard SSL CA', RSA key 2048 bits, signed using | |
| | RSA-SHA1, activated `2011-01-14 00:00:00 UTC', expires `2012-01-14 23:59:59 UTC', SHA-1 fingerprint `acd50e69ad93f5db08fefb67180d871415858664' | |
| 19:51:35 chat.freenode.net | - certificate[2] info: | |
| 19:51:35 chat.freenode.net | - subject `C=FR,O=GANDI SAS,CN=Gandi Standard SSL CA', issuer `C=US,ST=UT,L=Salt Lake City,O=The USERTRUST Network,OU=http://www.usertrust.com,CN=UTN-USERFirst-Hardware', RSA | |
| | key 2048 bits, signed using RSA-SHA1, activated `2008-10-23 00:00:00 UTC', expires `2020-05-30 10:48:38 UTC', SHA-1 fingerprint `a9f79883a075ce82d20d274d1368e876140d33b3' | |
| 19:51:35 chat.freenode.net =!= | irc: TLS handshake failed | |
| 19:51:35 chat.freenode.net =!= | irc: error: Error in the certificate. | |
| 19:51:35 chat.freenode.net | irc: reconnecting to server in 10 seconds |
Thx a lot!
Also you can get the cert: openssl s_client -showcerts -connect chat.freenode.net:6697
See how it use there.
echo "" | openssl s_client -host chat.freenode.net -port 6697 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > cert.pem
echo "" | openssl s_client -host chat.freenode.net -port 6697 -showcerts | awk '/BEGIN CERT/ {p=1} ; p==1; /END CERT/ {p=0}' > allcerts.pem
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I just started using weechat and hit this same problem but it's easy to solve. Get the UTA CA-bundle from www.comodo.com:
UTNAddTrustServerCA.crt
I've added the key to my local ca-bundle (from http://curl.haxx.se/docs/caextract.html)
cat ~/Downloads/UTNAddTrustServerCA.crt >> /path/to/my/ca-bundle.pem
Finally set weechat to use that ca-bundle and save the configuration:
/set weechat.network.gnutls_ca_file /path/to/my/ca-bundle.pem
/save
Now you may connect to freenode all secure like.