Mikaela/mikaela.github.io
1
0
Fork 0
mirror of https://github.com/mikaela/mikaela.github.io/ synced 2025-01-12 22:12:32 +01:00
Code Issues Projects Releases Wiki Activity

2015-02-24-znc160-ssl.md: fix cut sentence

Browse Source
This commit is contained in:
Aminda Suomalainen 2015-10-02 09:02:28 +03:00
parent 73536226b6
commit 11f66cd381
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
_posts/2015-02-24-znc160-ssl.md
View File

@ -1,4 +1,4 @@
--- --
layout: post layout: post
comments: true comments: true
title: "ZNC 1.6.0 & SSL certificate verification" title: "ZNC 1.6.0 & SSL certificate verification"
@ -97,8 +97,12 @@ network.
1. You don't have `ca-certificates` package installed, so your system 1. You don't have `ca-certificates` package installed, so your system
trusts no certificate authority. Install it and try again. trusts no certificate authority. Install it and try again.
2. You are connecting to wrong address. freenode's certificate is vaid for 2. You are connecting to wrong address. freenode's certificate is valid for
\*.freenode.net, but some other domains are CNAMEs to it and get \*.freenode.net, but there are CNAMEs pointing there. If you connect to
CNAME and the certificate isn't valid for that CNAME, the certificate
is invalid.
* You should always connect to either `irc.freenode.net` or
`chat.freenode.net` where it points to.
3. There is MITM which is unlikely, but unlikely is not impossible. 3. There is MITM which is unlikely, but unlikely is not impossible.
Validating the certificates either by trusted certificates or verifying Validating the certificates either by trusted certificates or verifying
the fingerprints securely manually protect you from this. If MITM is the the fingerprints securely manually protect you from this. If MITM is the