summaryrefslogtreecommitdiff
path: root/doc/en/weechat_user.en.adoc
diff options
context:
space:
mode:
Diffstat (limited to 'doc/en/weechat_user.en.adoc')
-rw-r--r--doc/en/weechat_user.en.adoc62
1 files changed, 31 insertions, 31 deletions
diff --git a/doc/en/weechat_user.en.adoc b/doc/en/weechat_user.en.adoc
index d04104f2b..7ef9e573f 100644
--- a/doc/en/weechat_user.en.adoc
+++ b/doc/en/weechat_user.en.adoc
@@ -27,7 +27,7 @@ light, designed for many operating systems.
Main features are:
* multi-protocols (mainly IRC)
-* multi-servers connection (with SSL, IPv6, proxy)
+* multi-servers connection (with TLS, IPv6, proxy)
* small, fast and light
* customizable and extensible with plugins and scripts
* compliant with IRC RFCs
@@ -159,7 +159,7 @@ WeeChat:
| Package ^(1)^ | Version | Features
| {cpp} compiler (pass:[g++ / clang++]) | | Build and run tests, JavaScript plugin.
| gettext | | Internationalization (translation of messages; base language is English).
-| ca-certificates | | Certificates for SSL connections.
+| ca-certificates | | Certificates for TLS connections.
| libaspell-dev / libenchant-dev | | Spell plugin.
| python3-dev | ≥ 3.0 | Python plugin.
| libperl-dev | | Perl plugin.
@@ -729,10 +729,10 @@ This can be done while WeeChat is running.
=== Upgrade command
WeeChat can restart the new binary, in place, using the
-<<command_weechat_upgrade,/upgrade>> command: the buffer contents and non-SSL
+<<command_weechat_upgrade,/upgrade>> command: the buffer contents and non-TLS
connections are preserved. +
-The SSL connections are lost during upgrade and are restored automatically
-after the upgrade (reload of SSL sessions is currently not possible
+The TLS connections are lost during upgrade and are restored automatically
+after the upgrade (reload of TLS sessions is currently not possible
with GnuTLS).
The command can also be used if you have to restart the machine, for example
@@ -3158,7 +3158,7 @@ Sections in file _weechat.conf_:
| history | /set weechat.history.* | History options (commands and buffers).
| proxy | <<command_weechat_proxy,/proxy>> +
/set weechat.proxy.* | Proxy options.
-| network | /set weechat.network.* | Network/SSL options.
+| network | /set weechat.network.* | Network/TLS options.
| plugin | /set weechat.plugin.* | Options on plugins.
| signal | /set weechat.signal.* | Options on signals.
| bar | <<command_weechat_bar,/bar>> +
@@ -3210,10 +3210,10 @@ By default no servers are defined. You can add as many servers as you want with
the <<command_irc_server,/server>> command.
For example to connect to https://libera.chat/[libera.chat ^↗^,window=_blank]
-with SSL (encrypted trafic):
+with TLS (encrypted trafic):
----
-/server add libera irc.libera.chat/6697 -ssl
+/server add libera irc.libera.chat/6697 -tls
----
You can tell WeeChat to auto-connect to this server on startup:
@@ -3292,13 +3292,13 @@ irc.server.libera.sasl_password string "${sec.data.libera}"
irc.server.libera.sasl_timeout integer null -> 15
irc.server.libera.sasl_username string "alice"
irc.server.libera.split_msg_max_length integer null -> 512
-irc.server.libera.ssl boolean on
-irc.server.libera.ssl_cert string null -> ""
-irc.server.libera.ssl_dhkey_size integer null -> 2048
-irc.server.libera.ssl_fingerprint string null -> ""
-irc.server.libera.ssl_password string null -> ""
-irc.server.libera.ssl_priorities string null -> "NORMAL:-VERS-SSL3.0"
-irc.server.libera.ssl_verify boolean null -> on
+irc.server.libera.tls boolean on
+irc.server.libera.tls_cert string null -> ""
+irc.server.libera.tls_dhkey_size integer null -> 2048
+irc.server.libera.tls_fingerprint string null -> ""
+irc.server.libera.tls_password string null -> ""
+irc.server.libera.tls_priorities string null -> "NORMAL:-VERS-SSL3.0"
+irc.server.libera.tls_verify boolean null -> on
irc.server.libera.usermode string null -> ""
irc.server.libera.username string null -> "alice"
....
@@ -3317,13 +3317,13 @@ value, which is now `on` instead of the default value `off`:
/unset irc.server.libera.autoconnect
----
-[[irc_ssl_certificates]]
-==== SSL certificates
+[[irc_tls_certificates]]
+==== TLS certificates
-When connecting to IRC server with SSL, WeeChat checks by default that the
+When connecting to IRC server with TLS, WeeChat checks by default that the
connection is fully trusted.
-Some options are used to control SSL connection:
+Some options are used to control TLS connection:
weechat.network.gnutls_ca_system::
load system's default trusted certificate authorities on startup
@@ -3331,19 +3331,19 @@ weechat.network.gnutls_ca_system::
weechat.network.gnutls_ca_user::
extra file(s) with certificate authorities
-irc.server.xxx.ssl_cert::
- SSL certificate file used to automatically identify your nick (for example
+irc.server.xxx.tls_cert::
+ TLS certificate file used to automatically identify your nick (for example
CertFP on oftc, see below)
-irc.server.xxx.ssl_dhkey_size::
+irc.server.xxx.tls_dhkey_size::
size of the key used during the Diffie-Hellman Key Exchange (by default:
2048)
-irc.server.xxx.ssl_verify::
- check that the SSL connection is fully trusted (on by default)
+irc.server.xxx.tls_verify::
+ check that the TLS connection is fully trusted (on by default)
[NOTE]
-Option "ssl_verify" is on by default, so verification is strict and may fail,
+Option "tls_verify" is on by default, so verification is strict and may fail,
even if it was OK with versions prior to 0.3.1.
[[irc_connect_oftc_with_certificate]]
@@ -3352,8 +3352,8 @@ even if it was OK with versions prior to 0.3.1.
* Import certificate in shell:
----
-$ mkdir -p ~/.config/weechat/ssl
-$ wget -O ~/.config/weechat/ssl/CAs.pem https://www.spi-inc.org/ca/spi-cacert.crt
+$ mkdir -p ~/.config/weechat/tls
+$ wget -O ~/.config/weechat/tls/CAs.pem https://www.spi-inc.org/ca/spi-cacert.crt
----
[NOTE]
@@ -3375,8 +3375,8 @@ It is possible to concatenate many certificates in file CAs.pem.
* Create certificate in shell:
----
-$ mkdir -p ~/.config/weechat/ssl
-$ cd ~/.config/weechat/ssl
+$ mkdir -p ~/.config/weechat/tls
+$ cd ~/.config/weechat/tls
$ openssl req -nodes -newkey rsa:2048 -keyout nick.pem -x509 -days 365 -out nick.pem
----
@@ -3387,7 +3387,7 @@ which can also be for example `~/.weechat`.
* In WeeChat, with "oftc" server already added:
----
-/set irc.server.oftc.ssl_cert "${weechat_config_dir}/ssl/nick.pem"
+/set irc.server.oftc.tls_cert "${weechat_config_dir}/tls/nick.pem"
/connect oftc
/msg nickserv cert add
----
@@ -3675,7 +3675,7 @@ WeeChat supports SASL authentication, using different mechanisms:
* _scram-sha-256_: SCRAM with SHA-256 digest algorithm
* _scram-sha-512_: SCRAM with SHA-512 digest algorithm
* _ecdsa-nist256p-challenge_: challenge with public/private key
-* _external_: client side SSL cert
+* _external_: client side TLS cert
Options in servers are: