I have updated to 7.21.1 and seems that same problem ocurrs. Maybe root certificates were not updated ...
Latest stable version 7.21.3.
Imported the certificate from https://ssl.com/repo/certs/SSLcomRootCertificationAuthorityECC.pem
But the DoH DNS Server isn't working, query https://cloudflare-dns.com/dns-query.
Error: DoH server connection error: resolving error
Of course, I already have static IPs from Cloudflare, but the certificate isn't working. I'm currently using Google's DoH Server, and it seems to work with other certificates.
Maybe you also need the SSL.com SSL Intermediate CA ECC R2
https://ssl.com/repo/certs/SSLcom-SubCA-SSL-ECC-384-R2.pem
I have about 15 in my certificate store.
It’s working over here…
with the one indicated above and the one listed the certificates have become 2 and the system still does not work with cloudflare
Flags: K - private-key; L - crl; C - smart-card-key; A - authority; I - issued, R - revoked; E - expired; T - trusted
0 T name="SSLcom-SubCA-SSL-ECC-384-R2.pem_0" trust-store=all digest-algorithm=sha384 trusted=yes
common-name="SSL.com SSL Intermediate CA ECC R2" organization="SSL Corp" locality="Houston" state="Texas" country="US"
subject-alt-name="" issuer=C=US,S=Texas,L=Houston,O=SSL Corporation,CN=SSL.com Root Certification Authority ECC
key-type=ec key-size=secp384r1 key-usage=digital-signature,key-cert-sign,crl-sign,tls-server,tls-client days-valid=5475
invalid-before=2019-03-07 20:42:42 invalid-after=2034-03-03 20:42:42 serial-number="1cd71212de1510d91282da33104a102f"
akid=82D1857330E73504D38E0292FBE5A4D1C421E8CD skid=0D74660A5E9FE22CECD5C25D25047F7532BAFF7D
fingerprint="948b7111af42f546d579cff5ce2bdec82134dd9914842bddb0c52872eb604e39" expires-after=418w2d22h19m31s
1 T name="SSLcomRootCertificationAuthorityECC.pem_0" trust-store=all digest-algorithm=sha256 trusted=yes
common-name="SSL.com Root Certification Authority ECC" organization="SSL Corporation" locality="Houston" state="Texas"
country="US" subject-alt-name=""
issuer=C=US,S=Texas,L=Houston,O=SSL Corporation,CN=SSL.com Root Certification Authority ECC key-type=ec
key-size=secp384r1 key-usage=digital-signature,key-cert-sign,crl-sign days-valid=9132 invalid-before=2016-02-12 19:14:03
invalid-after=2041-02-12 19:14:03 serial-number="75e6dfcbc1685ba8" akid=82D1857330E73504D38E0292FBE5A4D1C421E8CD
skid=82D1857330E73504D38E0292FBE5A4D1C421E8CD
fingerprint="3417bb06cc6007da1b961c920b8ab4ce3fad820e4aa30b9acbc4a74ebdcebc65" expires-after=780w6d20h50m52s
What do you have for DNS server? 1.1.1.1
Absolutely not. It wouldn't make sense to use a DNS without DoH.
https://cloudflare-dns.com/dns-query
With ip dns static entry
How can it resolve to if you don’t have a DNS server to resolve too.
Just put in 1.1.1.1 for DNS and it should start working.
https://help.mikrotik.com/docs/spaces/ROS/pages/37748767/DNS#DNS-dohDNSoverHTTPS(DoH)
If your doing static ip then your using the wrong ip address.
I solved the problem with just one certificate (SSLcomRootCertificationAuthorityECC.pem). I actually made a mistake with a letter in the static DNS. From cloudflare-dns.com to cloudflare-dsn.com. They look the same, but they're not. Thanks for the support anyway.
i solved the problem with just one certificate (SSLcomRootCertificationAuthorityECC.pem). I actually made a mistake with a letter in the static DNS. From cloudflare-dns.com to cloudflare-dsn.com. They look the same, but they're not. Thanks for the support anyway.