==== Quassel ====

Quasselcore <0.10 usse a manual selection for the SSL protocol, and this defaulted to SSLv3.\\
In version 0.10, the selector was removed and auto negotiation was used.\\
However, a >=0.10 client is connected to a <0.10 core, you can't change that SSL protocol.\\
The first option is to upgrade the core to 0.10 or later.\\
You can also either use an old client (<0.10) to change the SSL protocol to TLSv1 for that connection (once you change it, you can go back to using whichever client version you want) or update the client to 0.12-rc1, which restores the SSL protocol selector for connections to old cores.


==== irssi ====

All recent versions of irssi seem to work. If DANE verification doesn't work, ensure it is enabled and compiled in. See also https://github.com/irssi/irssi/commit/d826896f74925f2e77536d69a3d1a4b86b0cec61

<code>/connect -ssl -ssl_verify irc.darkfasel.net 6697</code>

if the above command fails, you need to specify the cacert root certificate:

<code>-ssl_cafile .irssi/ca_cacert.pem</code>

==== weechat ====

  /server add darkfasel irc.darkfasel.net/+6697 -ssl -autoconnect 
  /set irc.server.darkfasel.ssl_verify on
  /connect darkfasel
  /save
  /j #lobby

==== Chatzilla ====
Click here: <html><a href="ircs://irc.darkfasel.net">ircs://irc.darkfasel.net</a></html>

==== HexChat ====
[[clients:hexchat|Click here]] for Hexchat.

==== Generic Clients / stunnel ====

Configure stunnel in the following way to connect unsupported clients to localhost:

<code>
[irc]
client = yes
accept = 127.0.0.1:6667
connect = irc.darkfasel.net:9999
CAfile = /etc/ssl/certs/cacert-root.pem
verify = 2
checkHost = irc.darkfasel.net
</code>