Server Features » TLS
TLS support
4,328 servers (65%) out of the 6,660 IRC servers on the Internet have SSL/TLS support on port 6697.Protocol chart
This shows the SSL/TLS protocols available on servers. You can click on the chart to see more details. You can also check the table at the bottom of this page.Note on statistics: there is a difference in the gathering of TLS servers between 2017-2019 and 2020-onwards, see SSL/TLS statistics on the data page.
Table
Below you can see for each TLS version how often it is offered on IRC servers (percentage). Click an item to see more details.| SSL/TLS version | Sep 2017 | Dec 2018 | Dec 2019 | Dec 2020 | Dec 2021 | Dec 2022 | Dec 2023 | Dec 2024 | Dec 2025 |
|---|---|---|---|---|---|---|---|---|---|
| any | 36% | 40% | 41% | 51% | 56% | 58% | 60% | 62% | 65% |
| ssl2 | 0% | 0% | 0% | 0% | 0% | 0% | 0% | 0% | 0% |
| ssl3 | 13% | 10% | 8% | 4% | 4% | 3% | 3% | 2% | 2% |
| tls1 | 33% | 37% | 36% | 38% | 42% | 39% | 27% | 24% | 21% |
| tls1_1 | 31% | 36% | 36% | 42% | 43% | 40% | 28% | 24% | 21% |
| tls1_2 | 32% | 37% | 39% | 48% | 54% | 56% | 59% | 61% | 64% |
| tls1_3 | 0% | 1% | 8% | 21% | 33% | 40% | 45% | 50% | 55% |
Certificate validation
On all SSL/TLS IRC servers we verified the certificate. Click on the chart to see more details. You can also check the table at the bottom of this page.Note on statistics:
- There is a difference in the gathering of TLS servers between 2017-2019 and 2020-onwards, see SSL/TLS statistics on the data page.
- For certificate validation errors, OpenSSL (s_client) returns a single error only, so only 1 of the errors is picked even though one server cert could have multiple errors.
- However, from 2023 onwards "Expired" is detected even when there are other errors (eg. Unknown CA).
Table
| Certificate status | Sep 2017 | Dec 2018 | Dec 2019 | Dec 2020 | Dec 2021 | Dec 2022 | Dec 2023 | Dec 2024 | Dec 2025 |
|---|---|---|---|---|---|---|---|---|---|
| Any SSL/TLS certificate | 100% | 100% | 100% | 100% | 100% | 100% | 100% | 100% | 100% |
| Valid certificate | 19% | 22% | 25% | 37% | 37% | 43% | 41% | 44% | 49% |
| Self-signed certificate | 58% | 54% | 51% | 43% | 42% | 37% | 37% | 34% | 29% |
| Unknown/non-trusted Certificate Authority | 18% | 16% | 15% | 15% | 20% | 15% | 7% | 6% | 5% |
| Expired certificate | 4% | 5% | 7% | 5% | 1% | 3% | 24% | 25% | 23% |
| Hostname mismatch | 2% | 2% | 2% | 0% | 0% | 2% | 4% | 4% | 3% |
Negotiated cipher
On all SSL/TLS IRC servers we count the cipher that was negotiated between the client and the IRC server. Note that this says nothing about other ciphers that may also be available on the server.Click on the chart to see more details. You can also check the table at the bottom of this page.
Note on statistics: there is a difference in the gathering of TLS servers between 2017-2019 and 2020-onwards, see SSL/TLS statistics on the data page.
Table
| Cipher | Sep 2017 | Dec 2018 | Dec 2019 | Dec 2020 | Dec 2021 | Dec 2022 | Dec 2023 | Dec 2024 | Dec 2025 |
|---|---|---|---|---|---|---|---|---|---|
| AES-128 cipher | 1% | 2% | 2% | 2% | 3% | 6% | 10% | 11% | 15% |
| AES-256 cipher | 98% | 88% | 83% | 75% | 66% | 60% | 56% | 53% | 49% |
| CHACHA20 | 0% | 10% | 16% | 23% | 31% | 34% | 34% | 36% | 35% |
| Non-AES cipher | 0% | 0% | 0% | 0% | 0% | 0% | 0% | 0% | 0% |
Forward Secrecy
This shows how many of the SSL/TLS IRC servers have Forward Secrecy enabled. Click on the chart to see more details. You can also check the table at the bottom of this page.Note on statistics: there is a difference in the gathering of TLS servers between 2017-2019 and 2020-onwards, see SSL/TLS statistics on the data page.
Table
| Forward Secrecy | Sep 2017 | Dec 2018 | Dec 2019 | Dec 2020 | Dec 2021 | Dec 2022 | Dec 2023 | Dec 2024 | Dec 2025 |
|---|---|---|---|---|---|---|---|---|---|
| Forward Secrecy enabled | 69% | 76% | 81% | 87% | 92% | 94% | 95% | 96% | 97% |
| Forward Secrecy unavailable | 31% | 24% | 19% | 13% | 8% | 6% | 5% | 4% | 3% |
Hashing algorithm
On all SSL/TLS IRC servers we counted the hashing algorithm that was negotiated between the client and the IRC server. Note that this says little about other hashing algorithms that may also be available on the server.Click on the chart to see more details. You can also check the table at the bottom of this page.
Note on statistics: there is a difference in the gathering of TLS servers between 2017-2019 and 2020-onwards, see SSL/TLS statistics on the data page.
Table
| Hashing algorithm | Sep 2017 | Dec 2018 | Dec 2019 | Dec 2020 | Dec 2021 | Dec 2022 | Dec 2023 | Dec 2024 | Dec 2025 |
|---|---|---|---|---|---|---|---|---|---|
| SHA-1 hashing algorithm | 11% | 7% | 6% | 3% | 2% | 2% | 2% | 2% | 1% |
| SHA-256 hashing algorithm | 7% | 7% | 13% | 22% | 31% | 38% | 43% | 46% | 50% |
| SHA-384 hashing algorithm | 83% | 77% | 74% | 70% | 63% | 57% | 53% | 51% | 48% |
| SHA-512 hashing algorithm | 0% | 8% | 6% | 4% | 3% | 2% | 2% | 1% | 1% |
Key Exchange
On all SSL/TLS IRC servers we looked at the key exchange group that was used between the client and the IRC server. This does not show all groups that were available at the server, just which one was negotiated.It's worth noting that of the observed groups,
X25519MLKEM768 is the only one that protects against
Harvest now, decrypt later.Click on the chart to see more details. You can also check the table at the bottom of this page.
Note on statistics: there is a difference in the gathering of TLS servers between 2017-2019 and 2020-onwards, see SSL/TLS statistics on the data page.