mIRC Home    About    Download    Register    News    Help

Print Thread
Connecting via SSL: trusted issuer/root cert #207793 02/01/09 11:13 AM
Joined: Jan 2004
Posts: 4
S
SirTwist Offline OP
Self-satisified door
OP Offline
Self-satisified door
S
Joined: Jan 2004
Posts: 4
Hi all,

I'm trying to connect via SSL against a psybnc. This works fine, but until now psybnc used a self-signed certificate and I had to tell mIRC that this is a trustworthy cert. Now I have my own little CA and I gave psybnc a server certificate from my CA. The root certificate is stored in my windows certificate store under "Trusted root certificates". Nevertheless mIRC asks me to validate this server certificate. When I connect via Firefox to my psybnc's port, Firefox tells me that it can completely validate this server certificate.

So my question: Does anyone know where to store trusted root/issuer certificates so that mIRC (libssl/ssleay) accepts the server certs?

Thanks in advance!

Regards,
Sir Twist

Re: Connecting via SSL: trusted issuer/root cert [Re: SirTwist] #207794 02/01/09 11:39 AM
Joined: Dec 2002
Posts: 3,138
C
Collective Offline
Hoopy frood
Offline
Hoopy frood
C
Joined: Dec 2002
Posts: 3,138
I think you can do this via the mIRC Options -> Connect -> Options -> [SSL...] (button) -> Trusted Authorities File setting, but I haven't tested it.

Re: Connecting via SSL: trusted issuer/root cert [Re: Collective] #207795 02/01/09 12:39 PM
Joined: Jan 2004
Posts: 4
S
SirTwist Offline OP
Self-satisified door
OP Offline
Self-satisified door
S
Joined: Jan 2004
Posts: 4
Hi,

yeah, I tested this before, but I only got the error message:
* SSL error: unable to load trusted authorities

That was my fault, the certificate has to be in base64 format, not DER coded. After exporting the CA certificate in base64, it works fine.

Thanks all!

Regards,
SirTwist

Re: Connecting via SSL: trusted issuer/root cert [Re: SirTwist] #207819 03/01/09 02:06 PM
Joined: Aug 2004
Posts: 7,252
R
RusselB Offline
Hoopy frood
Offline
Hoopy frood
R
Joined: Aug 2004
Posts: 7,252
While I'm not too familiar with SSL and the various methods of coding the certificates, it sounds like having mIRC be able to recognize all (or the most used) codings would be a decent suggestion for the Feature Suggestion forum.