diff options
| author |  Ondřej Benkovský <ondrej.benkovsky@jamf.com>
| 2021-11-23 14:03:26 +0100 |
|---|---|---|
| committer |  GitHub <noreply@github.com>
| 2021-11-23 14:03:26 +0100 |
| commit | b8439789f4d8dbcad0493ee96b5700605ce49e3a (patch) | |
| tree | ac6c0c3e4a1b487292e98990ad3dabfba2c4bfbc /plugin/tls | |
| parent | 5f45ace89e0bb1d9120975d3d08e06dca8fa6dce (diff) | |
| download | coredns-b8439789f4d8dbcad0493ee96b5700605ce49e3a.tar.gz coredns-b8439789f4d8dbcad0493ee96b5700605ce49e3a.tar.zst coredns-b8439789f4d8dbcad0493ee96b5700605ce49e3a.zip | |
support plain HTTP for DoH (#4997)
Signed-off-by: Ondřej Benkovský <ondrej.benkovsky@jamf.com>
Diffstat (limited to 'plugin/tls')
| -rw-r--r-- | plugin/tls/README.md | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/plugin/tls/README.md b/plugin/tls/README.md index da33c0951..9d945b83e 100644 --- a/plugin/tls/README.md +++ b/plugin/tls/README.md @@ -2,7 +2,7 @@ ## Name -*tls* - allows you to configure the server certificates for the TLS and gRPC servers. +*tls* - allows you to configure the server certificates for the TLS, gRPC, DoH servers. ## Description @@ -57,6 +57,14 @@ grpc://. { } ~~~ +Start a DoH server on port 443 that is similar to the previous example, but using DoH for incoming queries. +~~~ +https://. { + tls cert.pem key.pem ca.pem + forward . /etc/resolv.conf +} +~~~ + Only Knot DNS' `kdig` supports DNS-over-TLS queries, no command line client supports gRPC making debugging these transports harder than it should be. |