We have fully transitioned to using Let's Encrypt certificates for our IRC servers. This means we no longer sign our certificates using our own Certificate Authority (CA) for client connections. Most IRC clients should have no problem verifying them; however, you can download the root certificate from LetsEncrypt if need be.
We now also support SNI. For clients that support it, this means the server will offer the appropriate certificate regardless of whether you connect using irc.darenet.org or use the server's darenet.org hostname.
Have feedback on this post? Share it with us in #DareNET on IRC.