Hi, I’m not sure I’m in the right place? I have a small personal home network, don’t host a website or run a web server. My router is configured to send some traffic to a VPN service using their DNS servers, so there are no leaks from port 53. I have a DMZ subnet which bypasses the VPN, and I wish to secure DNS requests via the local resolver since these will not pass through the VPN tunnel. At the moment, my router DNS settings are for SSL/TLS to 1.1.1.1, but the subnet DNS requests are going out on port 53, not 853. I suspect this is because the present SSL/TLS certificate is self-signed?
Can I get a free 15-year certificate just for personal use and DNS queries to 1.1.1.1 without hosting a web server? My pfSense router setup also suggests a DNS server hostname is required for TLS verification, but what is the server hostname for 1.1.1.1?
Sorry for the basic questions.