Configuring Client SSL Certificates for XChat
These instructions are partially taken, with permission, from OFTC. Thanks!
Make a cert if you haven't already. XChat does not support passphrase-protected client certificates, so make sure you specify the -nodes option.
Copy the cert you made into your ~/.xchat2 directory, C:\Users\USERNAME\AppData\Roaming\X-Chat2 directory, or from wherever XChat stores user settings. The certificate filename must match the name of the network, so you should probably name it freenode.pem.
From the XChat menu, select Network list.
Find freenode in the network list, and click Edit. The network name may be mis-capitalized as "FreeNode".
Enable the option to Use SSL for all servers on this network.
If you have installed the UTN-USERFirst-Hardware certificate to be trusted (perhaps by installing a root-ca package, as explained on the IRC Servers page), then the SSL connection should verify. If not, you may have to enable the Accept invalid SSL certificate option.
Click Connect. You should be connected using SSL, and in your own whois you should see your certificate fingerprint. You can tell NickServ to automatically identify based on this certificate fingerprint by doing:/msg nickserv CERT ADD
mv mynick.pem ~/.xchat2/freenode.pem
Make sure the filesystem permissions restrict read access for the file to just you.
If you know of any additions or corrections, or would like to contribute improvements, contact us at the email below.