Add TLS context for DNS over TLS/HTTPS

Added TLS context configuration for DoT/DoH with certificate and key file paths.
2025-09-17 14:34:03 -06:00 · 2025-09-17 14:34:03 -06:00 · 21a8012155
parent 283bb38db8
commit 21a8012155
1 changed files with 9 additions and 1 deletions
--- a/named.conf
+++ b/named.conf
@ -6,6 +6,14 @@
 //
 // If you are just adding zones, please do that in /etc/bind/named.conf.local

+// TLS context for DoT/DoH
+tls "dns-tls" {
+    cert-file "/etc/bind/keys/dns-fullchain.pem";
+    key-file  "/etc/bind/keys/dns-privkey.pem";
+    protocols { TLSv1.3 TLSv1.2; };
+    session-tickets no;
+};
+
 include "/etc/bind/named.conf.options";
 include "/etc/bind/named.conf.local";
 include "/etc/bind/named.conf.default-zones";