-
Notifications
You must be signed in to change notification settings - Fork 259
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update Cloudflare and Google #905
Conversation
Cloudflare certificates change all the time, and this is also inconsistent depending on the client location. Unfortunately, we can't include hashes for them, this breaks too frequently. |
And yet they're the most likely target by hackers and state actors. What a shame! |
- Removed hashes - Added 4 IP SANs for the basic tier
Certificates are different for |
We should keep |
* 'next' of github.com:DNSCrypt/dnscrypt-resolvers: Update Cloudflare and Google (#905)
https://www.reddit.com/r/dnscrypt/comments/1dxke0m/dnscrypt_stopped_working_on_multiple_docker/ Crap. Wondering if this is related. |
Weirdly enough, I can't find the latest dnscrypt-proxy package for Debian stable (link). 2.0.45 (from 4 yrs ago!) is the latest version supported on Debian oldstable. Yet as this link suggests, default version was v3 for that. So, user didn't bother to update the container or migrate to the native package by Debian. I'm not convinced even a v2 user of the software would have problems with the changes made to Cloudflare. |
Yeah, they had a Frankenstein configuration. IP addresses should indeed be fine even for v2 users. |
But the problem wasn't the IP addrs used as hostnames. It was the fact that v2 didn't support multi stamps under one entry. |
Yes. |
No description provided.