Talk:DNS over HTTPS servers

From ArchWiki
stunnel

The stunnel recommendation has never worked properly. (named was unaware of the proxy and unable to make its own outbound TLS connections. stunnel has recently been unstable and crash-prone.) I believe stunnel should be removed from the wiki page.

Since version 9.17, named has built-in, native support for both DNS over TLS and DNS over HTTP. That said, anything proxy-related is no longer needed and better avoided.

An interesting topic to cover would be a way of using DNS over HTTP without conflicts with a regular HTTP server (e.g. Apache’s httpd) on port 443. I haven’t figured that out yet. This might require forwarding from httpd to named based on the /dns-query query suffix.

--Andrej (talk) 07:51, 26 January 2025 (UTC)