ERC, HexChat, Smuxi, Quassel or mIRC.
You can connect to freenode by pointing your IRC client at `chat.freenode.net`
-on ports 6665-6667 and 8000-8002.
+on ports 6665-6667 and 8000-8002 for plain-text connections, or ports 6697, 7000
+and 7070 for SSL-encrypted connections.
## Accessing freenode Via SSL
For most clients this should be sufficient. If not, you can download the root
certificate from
-[IdenTrust](https://www.identrust.com/certificates/trustid/root-download-x3.html).
+[LetsEncrypt](https://letsencrypt.org/certificates/).
Client SSL certificates are also supported, and may be used for identification
to services. See [this kb article](kb/using/certfp). If you have connected with
EXTERNAL. You'll need to generate a client certificate and add that to your
NickServ account. This is documented [in our knowledge base](kb/using/certfp).
+Connecting using SASL EXTERNAL requires that you connect using SSL encryption.
+
Note that due to the SSL certificates not matching the hidden service, you
might have to disable the verification in your client. If your client supports
*key* pinning, you can verify our Tor server's public key fingerprint: