SSL Certificates can be used by your IRC client as a form of identification. The certificate fingerprint will be unique and will remain the same no matter what client or host you are using. This is useful for identification to people who may have a dynamic IP address. Certain things like NickServ, OperServ, and other bots can use certificate fingerprints as a form of passwordless authentication. Also, please note that in order to use an SSL certificate, you have to connect to the IRC using SSL aswell.

Create an SSL Certificate

Open your terminal and issue the following command:
openssl req -x509 -new -newkey rsa:4096 -sha256 -days 3650 -nodes -out nick.pem -keyout nick.pem

Make sure to chmod 400 nick.pem so that only you can read that file.


NickServ Usage

Once you setup your client to use your certificate, you can then add it to your NickServ account.
Identify to your nick with /NickServ identify <nick> <password>, and then do /NickServ CERT ADD.
Note: This will add the fingerprint of the certificate you are using to connect to your NickServ account.

Once you have your fingerprint added to your NickServ account, you no longer need to send a /NickServ identify command. You will automatically be identified upon connection, so as long as you connect with a client certificate thats fingerprint matches the one added to your NickServ account.

Client Usage


HexChat / XChat