TLS

From Rizon Wiki
Revision as of 21:57, 15 June 2017 by Iota (talk | contribs) (merge KiwiIRC and Kiwi IRC)
Jump to navigation Jump to search

SSL (Secure Sockets Layer) is a method of encrypting your connections on the Internet, so that your connections are still safe, even if they are being "eavesdropped" on.

Rizon also supports Nickserv identification via SSL certificates. Learn more about this here: CertFP.

Setting up your client for SSL

mIRC

mIRC's official documentation can be found here.

The latest versions of mIRC now include OpenSSL by default.

/server irc.rizon.net +6697 or /server -e irc.rizon.net 6697

Kiwi IRC

SSL on KiwiIRC can be used by clicking on the Server & network link in KiwiIRC's client. Allowing the user to select SSL and a separate port.

Connect to the client using https:// to have all parts secure

Mibbit

SSL can be used via Mibbit by clicking on the "Server" link on the connection dialogue and by using "+6697" as the port.

QWebIRC

Rizon's QWebIRC automatically uses SSL when connecting via https.

IRCCloud

IRCCloud is using a secure connection by default. You can verify this by editing the network - the checkbox named Secure Port has to be enabled and the port has to be 6697 or 9999

HexChat

To ensure that you are connecting via SSL you can enable the checkbox named Use SSL for all the servers on this network and disable the checkbox named Accept invalid SSL certificate by editing the network details in the network list. Make sure that if HexChat is set to connect to a specific port that it's either 6697 or 9999, e.g. irc.rizon.net/6697

Irssi

To make sure Irssi verifies the authenticity of the certificate you need to enable certificate verification. You can do this by connecting using the -ssl_verify flag. Users of version Irssi >= 0.8.21 are encouraged to use -tls_verify instead.

Weechat

To make sure weechat verifies certificates, you'll need to use the following.

  • -ssl_verify on /server and /connect commands
  • /set irc.server.SERVERNAME.ssl_verify true via /iset or /set

You'd then use irc.rizon.net/6697 or irc.rizon.net/9999 as the server address.

KVIrc

You can pass the -s flag upon connecting to connect using SSL. The full command will look like this: /server -s irc.rizon.net


Connecting with SSL

Typically, your client will have a connection dialogue which may ask you if you wish to connect with SSL as one of the options, allow you to pass a -ssl argument as part of the connect command, or use a "+" in front of the port number. (i.e. "/server irc.rizon.net +6697", "/connect -ssl irc.rizon.net 6697")

Currently all Rizon servers have SSL support on port 6697 and 9999.

RizonBNC

RizonBNC allows SSL connections via port 12345 only.


Verify if SSL is in use

When you followed the steps above and still asking yourself if you are connecting with SSL you can use the /whois Nick command, where Nick is your username. An example output can be found here:

Nick is user@Rizon-ABCDEF.example.com * *
Nick on #Rizon
Nick using irc.rizon.net - Where are you?
Nick is using a secure connection
Nick is using modes +ix authflags: [none]
Nick is actually user@xyz.example.com [192.0.2.10]
Nick has been idle 2mins 8secs, signed on Wed Dec 03 03:57:45
Nick End of /WHOIS list.

You should see the following line:

Nick is using a secure connection