GNU bug report logs -
#76278
29.4; ERC 5.5.0.29.1: ERC Manual does not mention usage of .pem client certificates
Previous Next
Full log
View this message in rfc822 format
On 14/2/25 19:34, Eli Zaretskii wrote:
>> Date: Fri, 14 Feb 2025 14:43:32 +1100
>> From: Archie Halliwell <archie <at> halliwell.com.au>
>>
>> The ERC Manual does not explain how to use .pem client certificates,
>> only how to use the combination of a .crt certificate and .key private
>> key. This is confusing as Libera.Chat's CertFP instructions only mention
>> the use of a .pem file, instructing users on how to create an
>> appropriate one.
>>
>> The manual should really mention that a .pem file can be used as both
>> files in the client-certificate list.
> Does ERC use the .pem file directly, or does it use it indirectly,
> though some GnuTLS interface? If the latter, then the source might
> not be from a .pem file, but instead from some equivalent OS service
> (this happens on MS-Windows, for example). So the manual should not
> cause users of such systems go look for a .pem file that might not
> even exist, or be irrelevant.
>
> Apologies if the above makes no sense: I don't use ERC and know very
> little about it.
>
> Thanks.
I believe that ERC uses GnuTLS, however the filenames are either
specified in the client-certificate argument to ,,erc-tls,, or found in
.authinfo.gpg. The manual gives examples using .key and .crt files, but
not using .pem files. There is mention of using other services to
provide certificates using auth-service, however auth-service seems to
have disappeared and all links to it are broken. Libera.Chat's
instructions mention the creation of .pem files on Windows as well, so I
expect that specifing a .pem file through the client-certificate keyword
argument is the "correct" way on all platforms.
This bug report was last modified 76 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.