~emersion/soju#251: 
Allow to connect to a server using custom client certificates

Soju doesn’t seem to be able to be able to connect to a server using a custom certificate. It is able to generate new certificates for SASL using certfp generate, but as far as i can see nothing similar to irc.server.xxx.tls_cert from weechat which gives the ability to use a ready-made certificate.

There seems to be ways around it by modifying the database by hand but it would be nice to be able to do this properly using sojuctl or something like that.

Status
REPORTED
Submitter
~kit-ty-kate
Assigned to
No-one
Submitted
6 days ago
Updated
a day ago
Labels
No labels applied.

~emersion REPORTED CLOSED 2 days ago

With BouncerServ, network create|update has a -certfp flag (see the man page for the format of the certificate hash). This can be used to connect to a server with a self-signed certificate.

~flokli a day ago

irc.server.xxx.tls_cert is about client certificates, that the client (Soju in that case) uses to identify with the IRC server.

Some IRC servers issue client certificates, and this issue is about being able to configure Soju with these certs without manually poking in the database.

~emersion CLOSED REPORTED a day ago

Oh, sorry, I misunderstood. So this is about SASL EXTERNAL with client certificate, but instead of using a soju-generated one, use a user-provided one?

That would be nice indeed, but still unsure how one would upload a certificate.

Register here or Log in to comment, or comment via email.