starred/AdGuardHome

Fork 0

mirror of https://github.com/AdguardTeam/AdGuardHome.git synced 2026-03-04 00:01:12 -05:00

Ability to setup separate certificates for DoH, DoT, DoQ #4484

New issue

Closed

opened 2026-03-04 05:10:15 -05:00 by deekerman · 3 comments

deekerman commented

2026-03-04 05:10:15 -05:00

Owner

Originally created by @savely-krasovsky on GitHub (May 21, 2023).

Prerequisites

I have checked the Wiki and Discussions and found no answer
I have searched other issues and found no duplicates
I want to request a feature or enhancement and not ask a question

Description

What problem are you trying to solve?

Currently I know only one CA which issues SSL certificates for IPs, it's ZeroSSL. But in their free tier they issue one cert for the exactly one IP/domain, so I can't issue single certificate for both DoH and DoT.

Proposed solution

Add ability to choose separate certificates for DoH, DoT and probably DoQ. AFAIK it will allow to use DDR.

Alternatives considered

Buy ZeroSSL 50$ per month tier and create cert with IP, domain and wildcard domain to complete fulfill our needs with one certificate.

Additional information

Originally created by @savely-krasovsky on GitHub (May 21, 2023). ### Prerequisites - [X] I have checked the [Wiki](https://github.com/AdguardTeam/AdGuardHome/wiki) and [Discussions](https://github.com/AdguardTeam/AdGuardHome/discussions) and found no answer - [X] I have searched other issues and found no duplicates - [X] I want to request a feature or enhancement and not ask a question ### Description #### What problem are you trying to solve? Currently I know only one CA which issues SSL certificates for IPs, it's ZeroSSL. But in their free tier they issue one cert for the exactly one IP/domain, so I can't issue single certificate for both DoH and DoT. #### Proposed solution Add ability to choose separate certificates for DoH, DoT and probably DoQ. AFAIK it will allow to use DDR. #### Alternatives considered Buy ZeroSSL 50$ per month tier and create cert with IP, domain and wildcard domain to complete fulfill our needs with one certificate. #### Additional information

deekerman

2026-03-04 05:10:15 -05:00

closed this issue
added the
duplicate
label

deekerman commented

2026-03-04 05:10:31 -05:00

Author

Owner

@fernvenue commented on GitHub (May 22, 2023):

But in their free tier they issue one cert for the exactly one IP/domain, so I can't issue single certificate for both DoH and DoT.

May I ask why you can't use single certificate for both DoH and Dot? They are just working on different ports.

@fernvenue commented on GitHub (May 22, 2023): > But in their free tier they issue one cert for the exactly one IP/domain, so I can't issue single certificate for both DoH and DoT. May I ask why you can't use single certificate for both DoH and Dot? They are just working on different ports.

deekerman commented

2026-03-04 05:10:31 -05:00

Author

Owner

@savely-krasovsky commented on GitHub (May 22, 2023):

May I ask why you can't use single certificate for both DoH and Dot? They are just working on different ports.

By certificate for IP I mean something like https://1.1.1.1 where Cloudflare issued a cert with SAN=IP:1.1.1.1

It allows to use DDR standard.

@savely-krasovsky commented on GitHub (May 22, 2023): > May I ask why you can't use single certificate for both DoH and Dot? They are just working on different ports. By certificate for IP I mean something like https://1.1.1.1 where Cloudflare issued a cert with SAN=IP:1.1.1.1 It allows to use DDR standard.

deekerman commented

2026-03-04 05:10:31 -05:00

Author

Owner

@ainar-g commented on GitHub (Jun 28, 2023):

Merging into #741.

@ainar-g commented on GitHub (Jun 28, 2023): Merging into #741.

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/AdGuardHome#4484

No description provided.

Rows
Columns