failed to perform an HTTPS request: Post https://185.43.135.1/doh: x509: cannot validate certificate for 185.43.135.1 because it doesn't contain any IP SANs
Is it possible to write the IP address somewhere in the configuration, because the certificate of the DoH server has no IP address?
failed to perform an HTTPS request: Post https://odvr.nic.cz/doh: dial tcp: lookup odvr.nic.cz on 127.0.0.1:53: read udp 127.0.0.1:55965->127.0.0.1:53: i/o timeout
start:
Oct 15 15:57:53 orangepizero systemd[1]: Started cloudflared DNS over HTTPS proxy.
Oct 15 15:57:53 orangepizero cloudflared[8364]: time="2019-10-15T15:57:53+02:00" level=warning msg="Cannot determine default configuration path. No file [config.yml config.yaml] in [~/.cloudflared ~/.cloudflare-warp ~/cloudflare-warp /usr/local/etc/cloudflared /etc/cloudflared]"
Oct 15 15:57:54 orangepizero cloudflared[8364]: time="2019-10-15T15:57:54+02:00" level=info msg="Adding DNS upstream" url="https://odvr.nic.cz/doh"
Oct 15 15:57:54 orangepizero cloudflared[8364]: time="2019-10-15T15:57:54+02:00" level=info msg="Starting metrics server" addr="127.0.0.1:39125"
Oct 15 15:57:54 orangepizero cloudflared[8364]: time="2019-10-15T15:57:54+02:00" level=info msg="Starting DNS over HTTPS proxy server" addr="dns://localhost:5053"
and lookup:
Oct 15 15:58:57 orangepizero cloudflared[8364]: time="2019-10-15T15:58:57+02:00" level=error msg="failed to connect to an HTTPS backend "https://odvr.nic.cz/doh"" error="failed to perform an HTTPS request: Post https://odvr.nic.cz/doh: dial tcp: lookup odvr.nic.cz on 127.0.0.1:53: read udp 127.0.0.1:59116->127.0.0.1:53: i/o timeout"
It is not so much of a DoH issue, but rather a traditional DNS lookup problem when Cloudflared tries to actually resolve odvr.nic.cz. For some reason that fails. Check your system’s default resolver.
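The two failure modes from this thread, reproduced in Go against a local test server (an added example, not part of the posts and not cloudflared's code): a URL with a bare IP fails verification when the certificate has only a DNS SAN, while a client that dials a fixed address but keeps the host name in the URL needs no DNS lookup and still validates the certificate. The helpers `newServer` and `post` are hypothetical, and the self-signed certificate is constructed for the demo.

```go
package main

import (
	"context"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"math/big"
	"net"
	"net/http"
	"net/http/httptest"
	"time"
)

// newServer starts a local TLS server whose constructed certificate has a DNS SAN only.
func newServer(host string) (*httptest.Server, string, *x509.CertPool) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), DNSNames: []string{host}, IsCA: true,
		BasicConstraintsValid: true, NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour)}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, key)
	srv := httptest.NewUnstartedServer(http.HandlerFunc(func(http.ResponseWriter, *http.Request) {}))
	srv.TLS = &tls.Config{Certificates: []tls.Certificate{{Certificate: [][]byte{der}, PrivateKey: key}}}
	srv.StartTLS()
	roots := x509.NewCertPool()
	roots.AddCert(srv.Certificate())
	return srv, srv.Listener.Addr().String(), roots
}

// post always dials addr; TLS still checks the certificate against the URL's host.
func post(url, addr string, roots *x509.CertPool) error {
	c := &http.Client{Timeout: 5 * time.Second, Transport: &http.Transport{
		TLSClientConfig: &tls.Config{RootCAs: roots},
		DialContext: func(ctx context.Context, network, _ string) (net.Conn, error) {
			return (&net.Dialer{}).DialContext(ctx, network, addr) // pinned: no DNS lookup
		}}}
	resp, err := c.Post(url, "application/dns-message", nil)
	if err != nil {
		return err
	}
	return resp.Body.Close()
}

func main() {
	srv, addr, roots := newServer("odvr.nic.cz")
	defer srv.Close()
	fmt.Println("URL with IP:  ", post("https://"+addr+"/doh", addr, roots))
	fmt.Println("URL with name:", post("https://odvr.nic.cz/doh", addr, roots))
}
```

Certificate verification is left fully enabled in both requests; only the address that gets dialed is fixed, so a server presenting a certificate for a different name is still rejected.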