For my IRC network I have created my own private CA and certificates for each server. The public CA cert will work fine for verification if the connection establishes the first time. However, should the connection time out, mIRC will attempt to use the next IP from the round robin DNS pool. Which is good, but it doesn't retain the original hostname for verification purposes. This causes mirc to use the IP it connects to as the host for SSL verification instead of the original hostname, and causes a mis-match between the certificate common name and IP. Which causes mIRC to alert the user and asks if it should continue the connection or not.

Is there anyway to fix this problem with a setting that I don't know about? Or could a fix for this problem be considered in a future release? I tried to use * for the host in my server certificates, but mIRC considers wildcard only as invalid for common name it would seem.

Any help would be appreciated.

Thanks
Wolfwood