[Yeti DNS Discuss] A public Yeti DNS resolver (but with TLS)

Stephane Bortzmeyer bortzmeyer at nic.fr
Tue Dec 27 19:53:49 UTC 2016

On Wed, Dec 21, 2016 at 09:11:06PM +0100,
 Stephane Bortzmeyer <bortzmeyer at nic.fr> wrote 
 a message of 118 lines which said:

> So, I installed an *experimental* public DNS-overs-TLS Yeti resolver
> on dns-resolver.bortzmeyer.org (IPv6 only, which makes sense for
> Yeti).
> The certificate was issued by CAcert <https://www.cacert.org/> I
> wonder if it's possible to get a Let's Encrypt certificate for a DNS
> server (you need to set up a callback server)?

Now running under its final name, dns-resolver.yeti.eu.org. And it has
a nice Let's Encrypt certificate. (I've set up a Nginx HTTP server at
<https://dns-resolver.yeti.eu.org/>, ran "sudo certbot certonly
--webroot -w /usr/share/nginx/html -d dns-resolver.yeti.eu.org" and
configured Unbound to use

More information about the discuss mailing list