Hello my friends..!
so please if anyone of you who see the last video by Normis that talking about Encrpting DNS request.
https://www.youtube.com/watch?v=w4erB0VzyIE
so my question is not all people have digital certificate so in this case how can i get this PEM cert..? is there is another way..?
The goal of the video was to make your Mikrotik a (secure) DNS “client” , so you see the certificate actions are on Mikrotik itself.
All your clients on the LAN continue to keep using traditional DNS and must use the Mikrotik as their DNS.
Upon receiving the regular DNS-traffic from your clients, the Mikrotik will go out to the DNS-provider (encrypted) to perform the request any device on the LAN has made.
“all people” do not need any certificates here! Only the Mikrotik interfaces securely with the upstream DNS-provider.
ok i agree. but i couldnt open the dns.nextdns.io could you ..?
when i try to connect to it, it give me the not secure connection message like this ..
can you try with your browser..!
I do not use any DoT/DoH functionality.
Reading the forums I think fore sure there are bugs depending on the release you run.
But anyway, If I go to dns.nextdns.io with my Chrome on Ubuntu all seems fine. No warnings. Certificate is valid.
Hello Mr.jvanhambelhium..! so it work well after i enable the DOH option in my firefox browser.
thanks..
Hahaha, anyone can enable it on the firefox browser but can you enable it on the router so all users achieve DOH without knowing it…