Cloudflare DNS over TLS with Unbound

[csmall]

Looking at this article https://www.netgate.com/blog/dns-over-tls-with-pfsense.html?utm_campaign=DNSoverTLS&utm_content=69532200&utm_medium=social&utm_source=twitter

I enabled unbound and added the custom settings from this article to enable dns over tls on 1.1.1.1 and 1.0.0.1.

It seemed to work fine for a short period of time and then I start getting these errors and the unbound service stops running.

unbound: [58716:1] notice: ssl handshake failed 1.1.1.1 port 853

unbound: [58716:1] error: ssl handshake failed crypto error:140020B5:SSL routines:CONNECT_CW_CLNT_HELLO:no ciphers available

Is anyone using cloudflare dns over tls successfully?

[opnfwb]

Cloudflare is having issues presently with TLS. I'm using Quad9 DNS TLS and it's been working.

https://community.cloudflare.com/t/1-1-1-1-was-working-but-not-anymore/15136

[lambrusco]

Had the same issue, I used the following parameters in the custom options field and then it worked.

Code: [Select]

server:
forward-zone:
name: "."
forward-ssl-upstream: yes
forward-addr: 1.1.1.1@853
forward-addr: 1.0.0.1@853