diff --git a/named.conf b/named.conf
index 64e67d56..9481cb2c 100644
--- a/named.conf
+++ b/named.conf
@@ -6,7 +6,15 @@
 //
 // If you are just adding zones, please do that in /etc/bind/named.conf.local
 
+// TLS context for DoT/DoH
+tls "dns-tls" {
+ cert-file "/etc/bind/keys/dns-fullchain.pem";
+ key-file "/etc/bind/keys/dns-privkey.pem";
+ protocols { TLSv1.3 TLSv1.2; };
+ session-tickets no;
+};
+
 include "/etc/bind/named.conf.options";
 include "/etc/bind/named.conf.local";
 include "/etc/bind/named.conf.default-zones";
-include "/etc/bind/named.conf.opennic";
\ No newline at end of file
+include "/etc/bind/named.conf.opennic";
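Review bot: The `protocols { TLSv1.3 TLSv1.2; };` line in the new `tls "dns-tls"` block keeps TLS 1.2 enabled without constraining its cipher suites, so TLS 1.2 handshakes use whatever the linked OpenSSL build permits by default. If TLS 1.2 clients must stay supported, pin the list in the same block with `ciphers "<approved-cipher-list>";` and `prefer-server-ciphers yes;`; otherwise reduce the line to `protocols { TLSv1.3; };`. The block only defines a context and nothing in this hunk references it, so it is presumably bound by a `listen-on … tls "dns-tls"` statement in named.conf.options, which is not shown here. A comment above `key-file` stating the expected owner and mode of `/etc/bind/keys/dns-privkey.pem` (readable by the named service account only) would also help, since the listener's confidentiality rests on that file.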