install ca-certificates package because 1.6

2026-02-19 01:46:42 +00:00 · 2015-12-06 22:56:04 -05:00
parent 7988d12cc4
commit 901b5d3df2
2 changed files with 15 additions and 1 deletions
--- a/2
+++ b/2
@@ -7,7 +7,7 @@ ENV ZNC_VERSION 1.6.1

 RUN apt-get update \
    && apt-get install -y sudo wget build-essential libssl-dev libperl-dev \
-               pkg-config swig3.0 libicu-dev \
+               pkg-config swig3.0 libicu-dev ca-certificates \
    && mkdir -p /src \
    && cd /src \
    && wget "http://znc.in/releases/archive/znc-${ZNC_VERSION}.tar.gz" \
--- a/README.md
+++ b/README.md
@@ -84,6 +84,20 @@ Make note of the use of `-i` and `-t` instead of `-d`. This attaches us to the
 container, so we can interact with ZNC's makepass process. With `-d` it would
 simply run in the background.

+## A note about ZNC 1.6
+
+Starting with version 1.6, ZNC now requires ssl/tls certificate verification!
+This means that it will *not* connect to your IRC server(s) if they don't
+present a valid certificate. This is meant to help keep you safer from
+MitM attacks.
+
+This image installs the debian/ubuntu `ca-certificates`
+[package](http://packages.ubuntu.com/vivid/ca-certificates) so that servers
+with valid certificates will automatically be connected to ensuring no additional
+user intervention needed. If one of your servers doesn't have a valid fingerprint,
+you will need to connect to your bouncer and respond to `*status`.
+
+See [this](https://mikaela.info/english/2015/02/24/znc160-ssl.html) article for more information.

 ## Building It Yourself