I try to setup ERC > ZNC connection over SSL. The no-SSL connections works fine. The problem is when I try to connect using Erc via erc-tls command, nothing happens, the "Opening Connection.." message stays forever.
ZNC config:
AnonIPLimit = 10
ConnectDelay = 5
ProtectWebSessions = true
ServerThrottle = 30
Skin = _default_
StatusPrefix = *
SSLCiphers = EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
SSLProtocols = -SSLv2 -SSLv3 -TLSv1 +TLSv1.1 +TLSv1.2
Version = 1.7.2
<Listener l>
IPv4 = true
IPv6 = false
SSL = true
AllowIRC = true
AllowWeb = false
</Listener>
...
Emacs config:
(setq tls-program
'("gnutls-cli --x509cafile %t -p %p %h"
"gnutls-cli --x509cafile %t -p %p %h --protocols ssl3"
"gnutls-cli --priority secure256 -p %p %h"))
I connect via ERC: (erc-tls :server "server.domain" :port 55555 :nick "znc-nick" :password "znc-nick/freenode:znc-password")
Any ideas?
Problem solved. The issue was caused by too strict network profile in Emacs, which disallowed incoming self signed certificates. To work around this, and keep the current settings intact I created function which I run to start ERC session. I use ZNC package to connect with ZNC server.
(defun my/znc-all ()
"Connect to all ZNC networks. Accept incoming self signed certificates."
(interactive)
(let ((tls-checktrust nil)
(gnutls-verify-error nil))
(znc-all)))