Closed
Description
Since systemd 239 systemd-resolved supports DNS over TLS. Currently (systemd version 239) systemd-resolved does not certificate checking for DNS Servers as covered in this PR: #8849
This issue is for keeping track of certificate checking for DNS over TLS.
One possible solution could be to add a new format for the DNS-Servers in the /etc/systemd/resolved.conf file. A possible solution would be an IP/hostname Tuple. This would allow hostname based certificate validation. More Details about this idea here: #8849 (comment)