Author Topic: DNS Over TLS Broken  (Read 1051 times)

chemlud

Re: DNS Over TLS Broken
« Reply #15 on: November 22, 2024, 09:32:05 pm »
...works just fine and stable here for years. Why complain?

DEC670airp414user

Re: DNS Over TLS Broken
« Reply #16 on: November 23, 2024, 11:54:02 am »
https://docs.quad9.net/Setup_Guides/Open-Source_Routers/OPNsense_%28Encrypted%29/

Is the attached how you have it configured?

I have CleanBrowsing, NextDNS, and Quad9 configured. But if I enable all 3 at once, I've noticed a lot of times DNS reporting STOPS and queries fail. If I just enable one server I never have an issue.
This is on OPNsense hardware and the business version.
« Last Edit: November 23, 2024, 11:57:39 am by DEC670airp414user »

phantomsfbw

Re: DNS Over TLS Broken
« Reply #17 on: November 23, 2024, 02:08:07 pm »
I tried just one server of Quad9 as well. Also tried other DNS providers. Decided to give IPFire a shot as I needed to start over from scratch, and it has been a while, which does say great things about OPNsense; just decided to try something different for a bit. Thanks again to all for the assistance, see you back sometime.

yuusou

Re: DNS Over TLS Broken
« Reply #18 on: Today at 03:37:08 pm »
Hi,

I've run into the same issue immediately after rebooting right after updating to 24.7.10.
I also thought it could be due to NTP, so I've set the primary NTP server to the IP of 0.opnsense.pool.ntp.org (95.211.123.72), restarted the NTP server, re-enabled DoT and restarted unbound, but I continue to have the same error.

Code:
2024-12-03T15:35:56 Error unbound [41231:2] error: ssl handshake cert error: unable to get local issuer certificate
2024-12-03T15:35:56 Error unbound [41231:2] error: and additionally crypto error:0A000086:SSL routines::certificate verify failed
2024-12-03T15:35:56 Error unbound [41231:2] error: and additionally crypto error:80000002:system library::No such file or directory
2024-12-03T15:35:56 Error unbound [41231:2] error: and additionally crypto error:16000069:STORE routines::unregistered scheme
2024-12-03T15:35:56 Error unbound [41231:2] error: and additionally crypto error:80000002:system library::No such file or directory
2024-12-03T15:35:56 Error unbound [41231:2] error: and additionally crypto error:16000069:STORE routines::unregistered scheme
2024-12-03T15:35:56 Error unbound [41231:2] error: and additionally crypto error:80000002:system library::No such file or directory
2024-12-03T15:35:56 Error unbound [41231:2] error: ssl handshake failed crypto error:16000069:STORE routines::unregistered scheme
2024-12-03T15:35:56 Notice unbound [41231:2] notice: ssl handshake failed 9.9.9.9 port 853

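Added example (not part of the thread and not OPNsense or unbound code): a Python triage sketch for unbound log output like the above. It groups handshake errors per worker and separates failures to load the trust store from validity-period (clock) failures. The cause mapping is this example's own heuristic, and the last two sample lines are constructed.

```python
import re
from collections import defaultdict

# First five lines: subset of the log in the post above. Last two: constructed for contrast.
SAMPLE_LOG = """\
2024-12-03T15:35:56 Error unbound [41231:2] error: ssl handshake cert error: unable to get local issuer certificate
2024-12-03T15:35:56 Error unbound [41231:2] error: and additionally crypto error:0A000086:SSL routines::certificate verify failed
2024-12-03T15:35:56 Error unbound [41231:2] error: and additionally crypto error:80000002:system library::No such file or directory
2024-12-03T15:35:56 Error unbound [41231:2] error: ssl handshake failed crypto error:16000069:STORE routines::unregistered scheme
2024-12-03T15:35:56 Notice unbound [41231:2] notice: ssl handshake failed 9.9.9.9 port 853
2024-12-03T15:40:00 Error unbound [50000:1] error: ssl handshake cert error: certificate is not yet valid
2024-12-03T15:40:00 Notice unbound [50000:1] notice: ssl handshake failed 192.0.2.53 port 853
"""

LINE = re.compile(r"^(\S+) \w+ unbound \[(\d+:\d+)\] \w+: (.*)$")
CERT = re.compile(r"ssl handshake cert error: (.+)$")
CODE = re.compile(r"crypto error:[0-9A-F]{8}:([^:]+)::(.+)$")
FAILED = re.compile(r"ssl handshake failed (\S+) port (\d+)$")
CLOCK = {"certificate is not yet valid", "certificate has expired"}

def classify(verify, crypto):
    """Heuristic (this example's assumption): map OpenSSL error text to a likely cause."""
    if verify in CLOCK:
        return "validity period: check system clock / NTP"
    if verify == "unable to get local issuer certificate":
        if any(lib == "STORE routines" or "No such file" in why for lib, why in crypto):
            return "trust store not loadable: check the CA bundle path given to unbound"
        return "issuer missing: CA bundle loaded but lacks the upstream's issuer"
    return "unclassified"

def triage(log):
    """Group lines per unbound worker [pid:thread]; emit one record per failed handshake."""
    pending = defaultdict(lambda: {"verify": None, "crypto": []})
    results = []
    for raw in log.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        ts, worker, msg = m.groups()
        state = pending[worker]
        if c := CERT.search(msg):
            state["verify"] = c.group(1)
        elif c := CODE.search(msg):
            state["crypto"].append((c.group(1), c.group(2)))
        elif c := FAILED.search(msg):
            results.append({"time": ts, "upstream": f"{c.group(1)}:{c.group(2)}",
                            "cause": classify(state["verify"], state["crypto"])})
            pending.pop(worker)  # reset so the next handshake starts clean
    return results
```

Calling `triage(SAMPLE_LOG)` returns one record per failed handshake, with the upstream address and the likely cause.
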
franco

Re: DNS Over TLS Broken
« Reply #19 on: Today at 03:47:52 pm »
Let's stay on topic in https://forum.opnsense.org/index.php?topic=44414.0 for the 24.7.10 behaviour.