free, distributed and user-friendly IRC client with Twitter, and XMPP/Jabber support for Linux, Windows and macOS based on GNOME / GTK+

Why do I get "The authentication or decryption has failed" on Linux?

You may have issues relating to authentication certificates in Mono resulting in an error that looks like this:

Connection failed! Reason: Could not connect to: The authentication or decryption has failed.

Here are some steps you can take to fix this.

Make sure you have the Mono SDK tools:

sudo apt-get install ca-certificates mono-devel

Next, import Mozilla's root CA certificates by running this bash command (do this as the user who is running smuxi-server, not as root):

for i in $(shopt -s nullglob; echo /usr/local/share/ca-certificates/*.crt \
    /usr/share/ca-certificates/*/*.crt); do certmgr -add -c Trust $i; done

Grab the "intermediate certificate" for the IRC network you're using. Example:

certmgr -ssl

Even though you may see a * WARNING: Certificate signature is INVALID *, this is okay (it is a display bug in Mono's mozroots tool). Say "y" to import this certificate into the CA store.

Now, to work around a certificate store bug in Mono (Mono's fix here), create these two directories:

sudo mkdir -p /usr/share/.mono/keypairs
sudo mkdir -p /usr/share/.mono/certs

Another known issue are broken or unsupported CA certificates in the store. They can break the certificate chain validation! Run this commands to see if your stores are OK or not:

if certmgr -list -c -m Trust > /dev/null 2>&1; then \
    echo "Your system store seems OK"; else echo "Your system store is BUGGED"; fi
if certmgr -list -c Trust > /dev/null 2>&1; then \
    echo "Your user store sems OK"; else echo "Your user store is BUGGED"; fi

When both commands return OK, then you can go ahead. If one store says BUGGED then you can try this command that should remove all broken/unsupported certificates from your stores:

for i in ~/.config/.mono/certs/Trust/*; do \
    if ! certmgr -add -c Trust $i > /dev/null 2>&1; then \
        echo "Removing BUGGY certificate ($i) from user store"; \
    rm $i; fi; done
# remove known CAs that cause issues with Mono
for i in 9AAF297AC011353526513000C36AFE40D5AED63C \
         7571A7194819BC9D9DEA4147DF94C4487799D379 \
         155F35575155FB25B2AD0369FC01A3FABE1155D5 \
         9AD8003000E76B7F8518EE8BB6CE8A0CF811E1BB \
         B31691FDEEA66EE4B52E498F87788180ECE5B1B5; do \
    rm -f ~/.config/.mono/certs/Trust/ski-$i.cer /usr/share/.mono/certs/Trust/ski-$i.cer; \

If the first SSL connect works but every connect after that not, then you'll need to set an environment variable to keep TLS (the secure connection) from caching (fore more details see ticket #802). That means prepending MONO_TLS_SESSION_CACHE_TIMEOUT=0 to the command you use to start Smuxi. For example:

MONO_TLS_SESSION_CACHE_TIMEOUT=0 nohup smuxi-server &

For the standalone Smuxi without a smuxi-server, you would start Smuxi like this:

MONO_TLS_SESSION_CACHE_TIMEOUT=0 smuxi-frontend-gnome

After restarting your Smuxi engine connecting Smuxi to servers with Use Encryption (SSL/TLS) and Validate Server Certificate should work now for you.

If you still have issues feel free to join #smuxi on OFTC or Freenode for further assistance (idle there for at least a day so you can read the reply!).