Originally Posted By: imprim
Originally Posted By: Khaled
I have made another change that seems to resolve this issue.

Perfect! Thank you smile

Originally Posted By: Khaled

If I then open the mIRC Options->Connect->Options->SSL dialog and load UTN-USERFirst-Hardware.pem (exported from the Windows certificates dialog and converted from DER to PEM format) as the Trusted Authorities file and then connect again to the server, mIRC does not display the warning dialog and connects without any issues, indicating that it was able to validate the certificate.

To avoid exporting certificates by hand one can, for example, use Mozilla's certdata file http://mxr.mozilla.org/seamonkey/source/security/nss/lib/ckfw/builtins/certdata.txt?raw=1 , which is conveniently converted to PEM format by the kind folks at http://curl.haxx.se/docs/caextract.html .

Maybe mIRC can ship this file to ease life of its SSL-savvy users? It seems that MPL only applies to the file (and not to the product shipping it), but IANAL.

Please NO. mIRC (as every other program on the system) should use Windows CA storage/CryptoAPI. Every Windows OS has one and there is no need to duplicate the functionality.

Last edited by Vilius; 02/03/11 06:17 PM.