In order to connect to a friend's IRC, I had to accept his self-signed certificate. This is quite a simple process of downloading the cert and referencing it as part of your IRSSI config.

Step 1 - Download cert

[email protected]:~ $ openssl s_client -showcerts -connect
depth=0 C = UK, ST = Place, O =, OU = IRCd, CN =
verify error:num=18:self signed certificate
verify return:1
depth=0 C = UK, ST = Place, O =, OU = IRCd, CN =
verify return:1
Certificate chain
 0 s:/C=UK/ST=Place/

[Certificate Data]


No client certificate CA names sent
Server Temp Key: ECDH, prime256v1, 256 bits
SSL handshake has read 2213 bytes and written 385 bytes
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 4096 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-GCM-SHA384
    Master-Key: THING
    Key-Arg   : None
    Krb5 Principal: None
    PSK identity: None
    PSK identity hint: None
    Start Time: 1482173239
    Timeout   : 300 (sec)
    Verify return code: 18 (self signed certificate)
--- NOTICE * :*** Looking up your hostname... NOTICE * :*** Found your hostname (cached)

Note that this will also connect to the IRC server, as shown by the last two lines. You can disconnect by pressing CTRL-C

Step 2 - Add the certificate to IRSSI

Copy all the data between -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- (including these tags)

Place this into a file accessible by your user. In this case, I put it in ~/.irssi/

Then, open your IRSSI config.

In the 'server' section, add the following parameter:


When you are finished, your config will look like:

    address = "";
    chatnet = "Example";
    port = "6697";
    use_ssl = "yes";
    ssl_verify = "yes";
    autoconnect = "yes";
    ssl_cafile = "~/.irssi/";

Now, restart IRSSI, and the connection should be successful!