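I've set up the certificate in AdGuard Home and opened the TCP port,
so why does Android say it can't connect when I set this address?
The odd thing is that DNS over TLS on an iPhone, and from a PC on an external network, connects just fine.
DNS over HTTPS works too.
Why on earth??
It even passes the OpenSSL certificate test.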
OpenSSL> s_client -connect dns.???:853
CONNECTED(00000003)
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R3
verify return:1
depth=0 CN = dns.???
verify return:1
---
Certificate chain
0 s:CN = dns.???
i:C = US, O = Let's Encrypt, CN = R3
1 s:C = US, O = Let's Encrypt, CN = R3
i:O = Digital Signature Trust Co., CN = DST Root CA X3
---
Server certificate
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
subject=CN = dns.weing.ga
issuer=C = US, O = Let's Encrypt, CN = R3
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 3003 bytes and written 394 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
Protocol : TLSv1.3
Cipher : TLS_AES_256_GCM_SHA384
Session-ID: *
Session-ID-ctx:
Resumption PSK: *
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 604800 (seconds)
TLS session ticket:
(omitted)
Start Time: 1619998316
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
Max Early Data: 0
---
read R BLOCK
read:errno=0
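It didn't work for me on Android either.. I couldn't figure out the cause, so I gave up.
When I test it from a PC with dnslookup it works fine.. it's strange..
Why on earth is that?
I'm wondering whether I need to downgrade the version.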