For self-signed certificates: Your browser will show a security warning. You MUST manually verify the certificate fingerprint.
Step-by-step verification process:
Get the SHA-256 fingerprint from the server admin via a secure side channel (phone call, Signal, in-person, etc.)
Click CONNECT above
Browser will show: "Your connection is not private" or "Warning: Potential Security Risk"
Click "Advanced" or "More information"
Click "View Certificate" (Chrome/Edge) or certificate details (Firefox)
Find the SHA-256 Fingerprint in the certificate details
Compare this fingerprint with what the admin sent you via side channel
If they MATCH: Go back and click "Proceed to [site]" or "Accept the Risk"
If they DON'T MATCH: DO NOT PROCEED - possible MITM attack!
⚠️ CRITICAL: Do NOT skip the fingerprint verification step. This is your only protection against man-in-the-middle attacks with self-signed certificates.
💡 For production: Use Let's Encrypt (free) for proper certificates that don't require manual verification.
Room:
User:
Quality:
Press Ctrl+Enter to send • Shift+Enter for newline