OpenSSL

JR edited this page Jan 24, 2024 · 17 revisions

kameloso uses OpenSSL to establish secure connections. It is the de facto standard SSL library in the POSIX sphere (Linux, macOS, ...), but not on Windows.

If you run into errors about missing SSL libraries when attempting to connect on Windows, supply the --get-openssl flag to download and launch the installer for OpenSSL for Windows, and opt to install to Windows system directories when asked.

Connecting

To connect to an SSL server it's generally enough to just connect to a standard SSL port, such as 6697 or 443.

If you're connecting to an SSL server on a non-standard port and the autodetection doesn't work, simply pass --ssl to the program to force it, or persistently set ssl to true in the configuration file, under [Connection].

SSL certificate verification on Windows

The library we use to make secure connections does not have the ability to fetch certificates from Windows' own certificate storage, so in addition to a system-wide installation of OpenSSL, you will also need a certificate authority bundle file. If you pass --get-cacert on the command line, the program will download a cacert.pem file as extracted from Mozilla Firefox by the cURL project, and save it next to your configuration file.

If you want to save it elsewhere, pass a path to --cacert= at the same time as --get-cacert.

./kameloso --get-cacert --cacert=cacert.pem

You can supply both --get-openssl and --get-cacert at the same time for a one-time setup.
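
A structural check of the downloaded cacert.pem before relying on it, as an added example (not part of kameloso or this wiki): it catches a truncated download or an HTML error page saved in place of the bundle. The function names and the two-entry sample are constructed for illustration; the sample blocks are tiny DER stand-ins, not real CA certificates.

```python
import base64
import hashlib
import re

# Constructed sample in cacert.pem layout: two tiny DER SEQUENCEs standing in
# for certificates (not real CA certificates).
SAMPLE = ("Example Root A\n==============\n"
          "-----BEGIN CERTIFICATE-----\nMAMCAQE=\n-----END CERTIFICATE-----\n"
          "Example Root B\n==============\n"
          "-----BEGIN CERTIFICATE-----\nMAMCAQI=\n-----END CERTIFICATE-----\n")
BEGIN, END = "-----BEGIN CERTIFICATE-----", "-----END CERTIFICATE-----"
PEM_BLOCK = re.compile(re.escape(BEGIN) + r"\s*(.*?)\s*" + re.escape(END), re.S)

def der_total_length(der: bytes) -> int:
    """Total encoded size declared by the outer DER SEQUENCE header."""
    if len(der) < 2 or der[0] != 0x30:
        raise ValueError("not a DER SEQUENCE")
    first = der[1]
    if first < 0x80:                 # short form: the byte is the length
        return 2 + first
    count = first & 0x7F             # long form: next `count` bytes hold it
    if count == 0 or len(der) < 2 + count:
        raise ValueError("bad DER length field")
    return 2 + count + int.from_bytes(der[2:2 + count], "big")

def check_bundle(text: str) -> list:
    """Return SHA-256 fingerprints of every block; raise ValueError if malformed."""
    blocks = PEM_BLOCK.findall(text)
    if text.count(BEGIN) == 0:
        raise ValueError("no certificates found (error page saved as bundle?)")
    if not (text.count(BEGIN) == text.count(END) == len(blocks)):
        raise ValueError("unbalanced PEM markers, file is probably truncated")
    fingerprints = []
    for index, body in enumerate(blocks, 1):
        try:
            der = base64.b64decode("".join(body.split()), validate=True)
            if der_total_length(der) != len(der):
                raise ValueError("declared DER length does not match block size")
        except ValueError as exc:    # binascii.Error is a ValueError too
            raise ValueError(f"certificate #{index}: {exc}") from exc
        fingerprints.append(hashlib.sha256(der).hexdigest())
    return fingerprints

if __name__ == "__main__":
    import sys
    text = open(sys.argv[1], encoding="utf-8").read() if len(sys.argv) > 1 else SAMPLE
    print(len(check_bundle(text)), "certificates look well-formed")
```

Run it with the path to the saved cacert.pem as the only argument; this checks structure only and does not verify that the certificates are the ones Mozilla ships.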

Why not use Windows' own Secure Channel SSL?

Ideally we would, but there are no ready D libraries for it.