Using SSL
(New page: The information given here will hopefully assist you in connecting to ChatX using an encrypted connection. This is a work in progress and will become more complete in the near future so pl...)
Newer edit →
Revision as of 21:52, 1 October 2007
The information given here will hopefully assist you in connecting to ChatX using an encrypted connection. This is a work in progress and will become more complete in the near future so please check back often.
Some ChatX servers have recently started to utilize SSL encryption for client connections. Those servers supporting such listen on port 7000 for incoming SSL connections. There are several methods you can utilize to connect using SSL. The method chosen depends entirely on the client and any additional tunnel software, if needed. Currently, the following clients offer native or builtin SSL support for connections:
For clients that do not have built-in SSL support such as mIRC versions priot to 6.14 you will need to use an SSL tunnel program. There are two popular SSL tunnels in use now for IRC clients. A unix/linux/windows version that can be used is stunnel and a windows only version is winsslwrap or StunTour. SSL connections are established by connecting through a tunnel. The tunnel opens an SSL connection to an SSL enabled server, and then opens a local connection on your computer. The local connection is usually opened on port 6667, the default IRC port, or can be customised by the user. The client then only needs to connect to localhost (127.0.0.1), or basically to the local computer on the port that the SSL tunnel is listening on. An example command one might use in mIRC with an SSL tunnel program would be: /server localhost . If a port is not specified, the client will usually use the default port, 6667.
Servers Supporting SSL
- queen.il.us.chatx.net port 7070
Using SSL with mIRC 6.14+
Since the majority of our users use mIRC, we'll explain on how to connect to ChatX using it. We assume you're using version 6.14 or newer, which all have built-in support for connecting to ssl servers, using the OpenSSL libraries.
The OpenSSL libraries are not included with mIRC for licensing reasons, but you can download them pre-compiled for win32 (windows 9x, 2000, 2003, XP) from here. After you download that file, extract the included libraries (libeay32.dll and ssleay32.dll) into your mIRC directory, or you can extract them to your windows/system directory if you prefer.
NOTE: The library files provided above were compiled from the OpenSSL 0.9.8 sources. If you know how to and prefer to compile your own, you can do that as well.
After you have installed libeay32.dll and ssleay32.dll, shutdown mIRC and restart it, then it should automatically find the library files and load them. To make sure your copy of mIRC will now work with ssl, you can check the $sslready variable (type //echo $sslready in your status window, and mIRC should return $true if the OpenSSL libraries are properly loaded).
We use port 7070 for all incoming ssl connections to leafs, so to connect using ssl just use /server servername +7070 (the plus sign is required for ssl connections). For a list of available servers, please see the list above. After you have connected, you can verify that you are connected with ssl using the $ssl variable in mIRC (type //echo $ssl in your status window, and mIRC should return $true). Another way to see if you are connected with ssl is to /WHOIS yourself by typing /WHOIS YourNick, and in your WHOIS output you will see a line like this:
YourNick is using a secure connection (SSL)
If you are using an mIRC version older than 6.14, then the above instructions do not apply to you. You should upgrade to the latest mIRC version. If for some reason you want to keep your current version of mIRC, then you will have to use an ssl tunnel, like StunTour.
SSL-only channels
ChatX's servers support channel mode +S, which means only users connected using SSL will be allowed to join the channel. This is useful for those who want to ensure that their communications on the channel are entirely secure.