Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse

Cloudron Forum

Apps | Demo | Docs | Install

DoH and DoT unsigned on iOS

Scheduled Pinned Locked Moved AdGuard Home
6 Posts 4 Posters 107 Views
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • randyjcR Offline
    randyjcR Offline
    randyjc
    wrote on last edited by randyjc
    #1

    Hello,

    Yesterday, I was in contact with support (@girish), and I'm trying to get DoH and DoT to work on my device. It does work, but when importing the configuration file, it complains that it is unsigned. Despite the complaint, the DNS requests are coming through. However, the fact that it is unsigned makes me a bit uneasy about the security of the data.

    We have checked the certificates for the wildcard domain, and they are properly set, so it should work as designed. However, I was wondering if more people are experiencing this issue, or if it's happening only to me.

    07038bcd-f824-44c5-8b45-5d97c919b3ad-image.png
    4785e5a7-a49f-48e4-a5e0-2ce98aa18779-image.png
    2d146d26-0e0f-4e66-b400-71e23fa32d12-image.png

    KubernetesK 1 Reply Last reply
    1
  • KubernetesK Offline
    KubernetesK Offline
    Kubernetes App Dev
    replied to randyjc on last edited by
    #2

    Hi @randyjc

    I think this is not related to the SSL Certificate, but to the Signature of the Profile. I don't know how such a iOS Profile could be signed properly, but I think to achieve this an Apple Developer Account might be required?

    On my devices it is exactly the same behavior as on yours.

    1 Reply Last reply
    0
  • L Online
    L Online
    lukas
    wrote on last edited by
    #3

    same here and working on my iOS devices

    randyjcR 1 Reply Last reply
    0
  • randyjcR Offline
    randyjcR Offline
    randyjc
    replied to lukas on last edited by
    #4

    @Kubernetes said in DoH and DoT unsigned on iOS:

    Hi @randyjc

    I think this is not related to the SSL Certificate, but to the Signature of the Profile. I don't know how such a iOS Profile could be signed properly, but I think to achieve this an Apple Developer Account might be required?

    On my devices it is exactly the same behavior as on yours.

    @lukas said in DoH and DoT unsigned on iOS:

    same here and working on my iOS devices

    Thanks all for checking, in that case I just leave it be then.

    girishG 1 Reply Last reply
    0
  • girishG Offline
    girishG Offline
    girish Staff
    replied to randyjc on last edited by
    #5

    @randyjc Does Cloudflare DoH endpoint work ? I think the URL is https://cloudflare-dns.com/dns-query

    randyjcR 1 Reply Last reply
    0
  • randyjcR Offline
    randyjcR Offline
    randyjc
    replied to girish on last edited by
    #6

    @girish

    I got the same unsigned message, but I'm not sure if this is because I initiate this via my own adguard site by changing the hostname 🙂

    I do however got some other info via https://github.com/paulmillr/encrypted-dns#signed-profiles

    1 Reply Last reply
    0

  • Login

  • Don't have an account? Register

  • Login or register to search.
  • First post
    Last post
0
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Login

  • Don't have an account? Register

  • Login or register to search.