==== Quassel ====
Quasselcore <0.10 usse a manual selection for the SSL protocol, and this defaulted to SSLv3.\\
In version 0.10, the selector was removed and auto negotiation was used.\\
However, a >=0.10 client is connected to a <0.10 core, you can't change that SSL protocol.\\
The first option is to upgrade the core to 0.10 or later.\\
You can also either use an old client (<0.10) to change the SSL protocol to TLSv1 for that connection (once you change it, you can go back to using whichever client version you want) or update the client to 0.12-rc1, which restores the SSL protocol selector for connections to old cores.
==== irssi ====
All recent versions of irssi seem to work. If DANE verification doesn't work, ensure it is enabled and compiled in. See also https://github.com/irssi/irssi/commit/d826896f74925f2e77536d69a3d1a4b86b0cec61
/connect -ssl -ssl_verify irc.darkfasel.net 6697
if the above command fails, you need to specify the cacert root certificate:
-ssl_cafile .irssi/ca_cacert.pem
==== weechat ====
/server add darkfasel irc.darkfasel.net/+6697 -ssl -autoconnect
/set irc.server.darkfasel.ssl_verify on
/connect darkfasel
/save
/j #lobby
==== Chatzilla ====
Click here: ircs://irc.darkfasel.net
==== HexChat ====
[[clients:hexchat|Click here]] for Hexchat.
==== Generic Clients / stunnel ====
Configure stunnel in the following way to connect unsupported clients to localhost:
[irc]
client = yes
accept = 127.0.0.1:6667
connect = irc.darkfasel.net:9999
CAfile = /etc/ssl/certs/cacert-root.pem
verify = 2
checkHost = irc.darkfasel.net