OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 23.7 Legacy Series »
  • Unbound - Verify common name of wildcard certificate?
« previous next »
  • Print
Pages: [1]

Author Topic: Unbound - Verify common name of wildcard certificate?  (Read 694 times)

kode54

  • Newbie
  • *
  • Posts: 2
  • Karma: 0
    • View Profile
Unbound - Verify common name of wildcard certificate?
« on: September 06, 2023, 04:39:56 am »
It doesn't seem to be possible to set the common name string to a wildcard. Will it still verify if I enter a host, and the certificate has a wildcard CN that matches it? DNS over TLS doesn't seem to be working for Quad9 for me, it seems to be falling back to Recursion no matter what. Quad9's servers appear to return the CN of "*.quad9.net".
Logged

danderson

  • Full Member
  • ***
  • Posts: 107
  • Karma: 9
    • View Profile
Re: Unbound - Verify common name of wildcard certificate?
« Reply #1 on: September 06, 2023, 05:46:11 am »
Quad 9 dns over tls works great for me. In the verify CN field put in dns.quad9.net

https://www.quad9.net/support/faq/

Does Quad9 support DNS over TLS?

We do support DNS over TLS on port 853 (the standard) using an auth name of dns.quad9.net

« Last Edit: September 06, 2023, 05:48:19 am by danderson »
Logged

kode54

  • Newbie
  • *
  • Posts: 2
  • Karma: 0
    • View Profile
Re: Unbound - Verify common name of wildcard certificate?
« Reply #2 on: September 06, 2023, 07:21:48 am »
Sorry. Apparently, all my DNS troubles were because systemd-resolved on Arch default enables both LLMNR and mDNS, which were slowing down DNS for practically every query.
Logged
  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 23.7 Legacy Series »
  • Unbound - Verify common name of wildcard certificate?
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2