Mikaela
/
mikaela.github.io
mirror of https://github.com/mikaela/mikaela.github.io/
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

2015-02-24-znc160-ssl.md: fix cut sentence

This commit is contained in:
Aminda Suomalainen 2015-10-02 09:02:28 +03:00
parent 73536226b6
commit 11f66cd381
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
_posts/2015-02-24-znc160-ssl.md
View File

@ -1,4 +1,4 @@
---
--
layout: post
comments: true
title: "ZNC 1.6.0 & SSL certificate verification"
@ -97,8 +97,12 @@ network.
1. You don't have `ca-certificates` package installed, so your system
trusts no certificate authority. Install it and try again.
2. You are connecting to wrong address. freenode's certificate is vaid for
\*.freenode.net, but some other domains are CNAMEs to it and get
2. You are connecting to wrong address. freenode's certificate is valid for
\*.freenode.net, but there are CNAMEs pointing there. If you connect to
CNAME and the certificate isn't valid for that CNAME, the certificate
is invalid.
* You should always connect to either `irc.freenode.net` or
`chat.freenode.net` where it points to.
3. There is MITM which is unlikely, but unlikely is not impossible.
Validating the certificates either by trusted certificates or verifying
the fingerprints securely manually protect you from this. If MITM is the