DNS Privacy Project

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Current »

If you are interested in running your own DNS-over-TLS server this page provides some ideas...

Pick your software

See the Implementations page to see what features are currently supported in the various open source nameserver implementations.

Don't forget that you can also run a TLS-proxy in front of any nameserver too (and there is a Docker image for doing this with BIND).

To authenticate or not?

In order to allow users to authenticate the server it needs to be configured with a certificate. Many of the existing servers use the great service at Let's Encrypt. It has become clear that it is not obvious how to renew a certificate with the same key so we have a short guide on Let's Encrypt Key renewal. 

Monitor your server

We are working on a 'probe' mode for getdns and also a Nagios plugin... watch this space. 


  • No labels