allow chatzilla to accept self-signed or invalid certificates

I have Firefox 3 running a Chatzilla 0.9.83 add-on. I wanted to use Chatzilla to connect to our company's public IRC server. The problem I had was this: the IRC server's SSL certificate was self-signed, therefore considered as invalid. And, due to Firefox3's weird sense of humor, Chatzilla is unable to connect to the server. But there's a work-around.

First, create an alias,

/alias certif eval getService("@mozilla.org/embedcomp/window-watcher\;1","nsIWindowWatcher").openWindow(null,"chrome://pippki/content/certManager.xul","mozilla:certmanager", "", null)

then, run it
/certif


This will open Mozilla's certmanager module. From there, you just click on the Servers tab and add the site's url - the one with an invalid cert. And that's it.

Note: this tip was given by Glenjamin on #chatzilla @ moznet.

2 comments:

Glenjamin said...

I would like to add that since this time i've come up with a much better alias, which is as follows:

/alias sx eval var opts = 'chrome=yes,dialog=yes,modal=yes,dependant=yes,centerscreen=yes'\; var args = {location: "$(all)", prefetchCert: true, exceptionAdded: false}\; window.openDialog('chrome://pippki/content/exceptionDialog.xul','exceptionDialog',opts, args)

you can then use /sx or /sx server:port to open the exception adding dialog.

Glenjamin.

Anonymous said...

Alternatively you can just go to the IRC server's address in your Firefox browser, ie https://my.irc.server:port/ and go through the usual "accept this certificate" dance.

It will return an error (something like "couldn't look up your hostname") but when you then connect with Chatzilla it should work.

No incantations needed :-)

Brendan.