Closed Bug 1848807 Opened 1 year ago Closed 1 year ago

Unable to use self-hosted DNS over Https

Categories

(Core :: Networking: DNS, defect)

Firefox 118
defect

Tracking

()

RESOLVED INCOMPLETE

People

(Reporter: mokeyish, Unassigned, NeedInfo)

References

(Blocks 1 open bug)

Details

Attachments

(1 file)

User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.0.1901.203

Steps to reproduce:

I add self-hosted DNS over HTTPS. The address is

https://localhost:8453/dns-query

Note:It works fine on Chrome.

Actual results:

Possible security risk looking up this domain

Firefox can’t protect your request for this site’s address through our trusted DNS resolver. Here’s why:

You can continue with your default DNS resolver. However, a third-party might be able to see what websites you visit.

Expected results:

Allow me to use self-hosted DNS Over HTTPS.

Because some private domain names need to be resolved. If FireFox can't support this, I can only use the traditional way, but lose the security.

Group: firefox-core-security → network-core-security
Component: Untriaged → Networking: DNS
Product: Firefox → Core

Given that this lets you know that it is failing, I don't think this needs to be a hidden security issue.

Group: network-core-security

Could you open the devtools console in the error page and type:
RPMGetTRRSkipReason();
It should give us the reason why we failed to use the localhost server (I suspect it's a certificate issue).
If it is a certificate failure, make sure to accept the self-signed cert before using DoH with the local server.

Thanks!

Blocks: doh
Flags: needinfo?(mokeyish)

Maybe your self-hosted DoH serveris self-signed. So you need to add https://localhost:8453 to firefox's Exception.

You can either 1. visit https://localhost:8453 and Add the server to exception or 2. in Preference -> View Certificates -> Server -> Add Exception -> add https://localhost:8453


If you confiure DoH with Increased Protection in Firefox settings, you can see DoH status is active or not and the reason why it failed.

Closing this bug as incomplete as there is no response from the reporter for the queries.

Status: UNCONFIRMED → RESOLVED
Closed: 1 year ago
Resolution: --- → INCOMPLETE
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: