Add alternative Cloudflare DoH script

doh-scripts/cloudflare-1.1.1.1.rsc

@@ -0,0 +1,26 @@
+# Verify the connection at https://1.1.1.1/help
+
+# disable doh (temporarily)
+
+/ip dns set verify-doh-cert=no
+
+# update the caCertURL depending on what's used at https://1.1.1.1/dns-query
+
+:local caCertURL
+:set caCertURL https://cacerts.digicert.com/DigiCertGlobalRootG2.crt.pem
+
+:local result [ /tool fetch url=$caCertURL dst-path=root-ca-cert.pem as-value ];
+:do { :delay 2s } while=( $result->"status" != "finished" )
+
+/certificate remove [find name~"root-ca-cert.pem"]
+/certificate import file-name=root-ca-cert.pem passphrase=""
+/file remove root-ca-cert.pem
+
+/ip dns set use-doh-server=https://1.1.1.1/dns-query verify-doh-cert=yes
+
+# optional steps
+/ip dns set servers="1.1.1.1,1.0.0.1"
+/ip dhcp-client set use-peer-dns=no [find]
+
+# flush existing cache
+/ip dns cache flush