4

So I'm trying to see up SSL for IRC through weechat, but have been having issues.

I've generated a .pem file for my nick and also have installed the ca-bundle.crt, but keep getting a TLS handshake error.

15:39:14 freenode  ℹ  ╡ irc: connecting to server chat.freenode.net/6667 (SSL)...
15:39:14 freenode =!= ╡ irc: TLS handshake failed
15:39:14 freenode =!= ╡ irc: error: An unexpected TLS packet was received.
15:39:14 freenode  ℹ  ╡ irc: reconnecting to server in 10 seconds

I've been reading the docs here, appear to have all my settings right, and have a valid pem file, but I'm not sure what could be the issue.

weechat.network.gnutls_ca_file            string   "/usr/local/opt/curl-ca-bundle/share/ca-bundle.crt"
irc.server.freenode.ssl              boolean  on
irc.server.freenode.ssl_cert         string   "%h/ssl/nick.pem"
irc.server.freenode.ssl_priorities  string   "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0:+VERS-SSL3.0:%COMPAT"

Any ideas? Any tips or ideas are appreciated.

Improve this question

3 Answers 3

Reset to default
2 
15:39:14 freenode  ℹ  ╡ irc: connecting to server chat.freenode.net/6667 (SSL)...

Weechat defaults to port 6667 if you don't specify. Freenode uses 6697. 

/set irc.server.freenode.addresses irc.freenode.net/6697
Improve this answer
1

I know this is a very old question but it is shown in the top results on Google.

What fixes this error, quite a lot of times, is playing with irc.server.servername.ssl_dhkey_size. Some servers accept 512, some 1024. try powers of two and see if one works.

I would also appreciate it somebody could enlighten why this is actually working.

Improve this answer
0

In Debian 9, this worked for me...

apt-get install ca-cacert

Then in weechat I did 

/server add freenode chat.freenode.net/7070 -ssl
/connect freenode

If that doesn't work, I'm guessing you might want to...

apt-get upgrade openssl
Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .