Reference (but it’s vague): http://www.afternet.org/help/connecting/ssl

NOTE: AfterNET is adding a wildcard SSL certificate. This may obsolete these instructions.

1. Download the certificate.

2. Create a folder afternet.org under /usr/local/share/ca-certificates/

3. Copy afternet.cer to /usr/local/share/ca-certificates/afternet.org/

4. Symlink it as 90511bdb.0

ln -s afternet.cer 90511bdb.0

5. run update-ca-certificates to update the certificates list.

sudo update-ca-certificates

6. Open x-chat.

7. Edit your AfterNET entry.

8. Remove all the old servers and instead add.

ssl.afternet.org/6697
ssl.afternet.org/9998

9. Check both Use SSL for all Servers on this Network and Accept invalid SSL certificate.

Done.