[Pdns-users] What is required for the dnsdist testCrypto() function to work?

Remi Gacogne remi.gacogne at powerdns.com
Thu Jul 4 11:49:38 UTC 2019


Hi,

On 7/4/19 12:47 PM, sthaug at nethelp.no wrote:
> should I expect the testCrypto() function to work? Because it doesn't:
[...]
>> testCrypto()
> Crypto failed..

This error message is indeed not helpful at all.. I'm pretty sure it
just means that have not configured a session key with setKey(), since
this function mostly tests that the encryption between a console client
and dnsdist works, and is not related at all to TLS. It made sense
between the addition of DoT and DoH, but I agree it's quite misleading
nowadays.

> The reason for asking about the testCrypto() function is that I'm
> trying to get DoT working, so far without success.

It's completely unrelated to testCrypto(), could you paste your
configuration and explain what doesn't work?


Please be aware that dnsdist has its own mailing-list, by the way :-)

Best regards,
-- 
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20190704/c323001d/attachment.sig>


More information about the Pdns-users mailing list