mirror.MikroTik/pothi.mikrotik-scripts
1
0
Fork 0
mirror of https://github.com/pothi/mikrotik-scripts.git synced 2025-06-26 16:08:36 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
pothi.mikrotik-scripts/doh-scripts/README.md
Pothi Kalimuthu 7ab9c9d776
Update DoH scripts
2023-06-29 08:31:49 +05:30

26 lines
1 KiB
Markdown
Raw Blame History

TODO:
- DoH script for nextdns
- DoH script for quad9
# important thread... https://forum.mikrotik.com/viewtopic.php?f=2&t=160243#p799274
Remember that DoH depends on correct time. So, make sure NTP client is configured. The MikroTik Cloud NTP client service required DNS that in turn requires a working NTP client. So, don't depend on MikroTik Cloud NTP client service.
NextDNS recommends https://curl.se/ca/cacert.pem too.
Root CA certificates that we can use...
- https://www.digicert.com/kb/digicert-root-certificates.htm (Download DigiCert Global Root CA)
- https://cacerts.digicert.com/DigiCertGlobalRootCA.crt.pem
- works **only** for 1.1.1.1 DoH
# the following don't work for unknown reason...
- https://pki.goog/repository/
- https://support.globalsign.com/ca-certificates/root-certificates/globalsign-root-certificates
- https://www.amazontrust.com/repository/
Or download most (if not all) root CA certificates from https://curl.se/ca/cacert.pem
Recommended - https://pki.goog/repo/certs/gtsr4.pem (validity: 2038)
Reference in a new issue View git blame Copy permalink