Table of Contents
IRC Self-Signed Certificate Errors
IRC clients show TLS certificate verification errors.
Symptom
IRC clients show TLS certificate verification errors. Error: “certificate is valid for ergo.test, localhost, not irc-direct.folk.zone”. Clients require manual certificate acceptance.
Cause
Ergo IRCd is using self-signed certificates instead of Let's Encrypt certificates.
Fix
Copy Let's Encrypt certificates from Caddy to Ergo.
Steps:
1. Copy certificates from Caddy container to IRC directory:
```bash mkdir -p ~/folkzone-new/irc/certs docker cp folkzone-caddy:/data/caddy/certificates/acme-v02.api.letsencrypt.org-directory/irc-direct.folk.zone/irc-direct.folk.zone.crt ~/folkzone-new/irc/certs/fullchain.pem docker cp folkzone-caddy:/data/caddy/certificates/acme-v02.api.letsencrypt.org-directory/irc-direct.folk.zone/irc-direct.folk.zone.key ~/folkzone-new/irc/certs/privkey.pem ```
2. Mount certificates in docker-compose.yml:
```yaml folkzone-irc-ergo:
volumes: - folkzone_irc_ergo_data:/ircd - ./irc/ircd.motd:/ircd/ircd.motd:ro - ./irc/certs/fullchain.pem:/ircd/fullchain.pem:ro - ./irc/certs/privkey.pem:/ircd/privkey.pem:ro environment: ERGO__SERVER__NAME: irc.folk.zone ERGO__NETWORK__NAME: folk.zone
```
3. Restart IRC server:
```bash docker compose up -d folkzone-irc-ergo ```
Prevention
Use Let's Encrypt certificates from the start. Certbot automatically handles renewal.