NextDNS block page with root CA - a strange quirk?
I noticed in the NextDNS settings that you can enable a branded block page and install a root CA so you don't get the web browser's default DNS error when trying to visit a blocked domain, both of which I've done. However I still got the browser's DNS error message (I tried in Brave, Chrome, Firefox and Edge).
I've got NextDNS setup on my home network via the DNSCrypt plugin on my OPNsense router, so up until now I didn't bother installing either the NextDNS client or YogaDNS on my Windows PC. I then installed YogaDNS, setup NextDNS as per the prompts, tried visiting a site blocked by my settings (in my case, via the Bypass Methods list) to see if this would make a difference, and only then the block page showed up.
Is this normal?
4 replies
-
The certificate must be installed manually on each device you use, for example Windows, Android, Mac, and so on. This is done in order to be able to process secure "HTTPS" pages and display the blocking message, otherwise you will still get an unsecured web page error. Here is the official installation guide, and CEO Olivier Poitrey effectively explains the risk involved in installing a root certificate.
https://help.nextdns.io/t/g9hmv0a/how-to-install-and-trust-nextdns-root-ca
-
Sorry for resurrecting an old topic, but it appears that trying to add it at my router level (using OpnSense as well) appears to not work. The only thing I ever get is redirected to my router's page. Even when I add it into System > Trust > Authorities
Unless I'm missing some step to make sure it redirects to the block page
Content aside
- 9 mths agoLast active
- 4Replies
- 991Views
-
3
Following