Help with getting Unbound to use DoH (DNS over HTTPS)
Hendrik Meyburgh
hendrikdm at gmail.com
Mon Feb 22 18:42:21 UTC 2021
Hi.
Try adding the --with-ssl compile option. You can then run unbound with -d and -v
for debug information during startup, which will give you more info on why it is
not working.
On Mon, Feb 22, 2021 at 10:36:22AM -0600, Ronald Nutter via Unbound-users wrote:
> I have been using Unbound with DoT but would like to see about moving over
> to HTTPS. Have been looking for how to do this but what I have found so
> far doesn't give me the information I am looking for. I have some
> experience with Linux but am nowhere near being a programmer.
>
> Here is what I have found so far -
>
> # Since I installed using apt, figure that I should uninstall it first
>
> sudo apt remove unbound
>
>
> # Download/compile unbound to use DoH
> wget http://www.nlnetlabs.nl/downloads/unbound/unbound-1.13.1.tar.gz
> tar -zxvf unbound-1.13.1.tar.gz (missing step?)
> ./configure --with-libnghttp2
> make
> make install
>
> #configuring unbound to use DoH
> server:
> interface: 127.0.0.1@443
> tls-service-key: "key.pem"
> tls-service-pem: "cert.pem"
>
> # Adapted from TLS/DoT instructions, so not sure about this
> forward-zone:
> name: "."
> forward-tls-upstream: yes
> # Cloudflare DNS
> forward-addr: 2606:4700:4700::1111@443#cloudflare-dns.com
> forward-addr: 1.1.1.1@443#cloudflare-dns.com
> forward-addr: 2606:4700:4700::1001@443#cloudflare-dns.com
> forward-addr: 1.0.0.1@443#cloudflare-dns.com
>
> Is this correct ?
> Would appreciate any pointers in helping get this to work
>
> Thanks,
> Ron
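
An added example, not part of the original thread and not code from the Unbound project: a shell preflight that checks `unbound -V` output for the two configure options mentioned in this thread, and checks unbound.conf for a listener on port 443 with both TLS options set. The function names and the sample inputs are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: preflight checks before starting a source-built Unbound with DoH.

# check_build TEXT: TEXT is the output of `unbound -V`. Succeeds only if its
# "Configure line:" carries both options named in this thread.
check_build() {
    local line flag
    line=$(printf '%s\n' "$1" | grep '^Configure line:') || {
        echo "no Configure line found" >&2; return 1; }
    for flag in --with-libnghttp2 --with-ssl; do
        case " $line " in
            *" $flag "*|*" $flag="*) ;;
            *) echo "missing configure option: $flag" >&2; return 1 ;;
        esac
    done
}

# check_conf TEXT: TEXT is the contents of unbound.conf. Succeeds only if an
# interface listens on @443 (assumption: the port used in this thread) and both
# tls-service-key: and tls-service-pem: are set, each with its colon.
check_conf() {
    printf '%s\n' "$1" | awk '
        { sub(/#.*/, ""); sub(/^[ \t]+/, "") }   # drop comments and indentation
        /^interface:[ \t]*[^ \t]+@443[ \t]*$/ { port = 1 }
        /^tls-service-key:[ \t]*[^ \t]/       { key = 1 }
        /^tls-service-pem:[ \t]*[^ \t]/       { pem = 1 }
        /^tls-service-(key|pem)[ \t]/ { print "line " NR ": option name lacks a colon"; bad = 1 }
        END {
            if (!port) print "no interface on @443"
            if (!key)  print "tls-service-key: not set"
            if (!pem)  print "tls-service-pem: not set"
            exit (bad || !port || !key || !pem)
        }' >&2
}

# Constructed sample inputs (not captured from a real system).
SAMPLE_BUILD='Version 1.13.1
Configure line: --with-libnghttp2
Linked libs: (constructed)'
SAMPLE_CONF='server:
    interface: 127.0.0.1@443
    tls-service-key "key.pem"   # colon left off on purpose
    tls-service-pem: "cert.pem"'

check_build "$SAMPLE_BUILD" || echo "build: rebuild with the missing option"
check_conf  "$SAMPLE_CONF"  || echo "conf: fix the lines reported above"
# Real use: check_build "$(unbound -V)"; check_conf "$(cat /path/to/unbound.conf)"
```
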