distinguishing http and https connections

A. Schulze sca at andreasschulze.de
Fri Aug 23 10:12:58 UTC 2019

dy1977--- via Unbound-users:

> 1) Is it possible to distinguish, at the level of the "operate" function
> in the python script, if the connection is http or https ?

no, there is no indication about the purpose a client ask for a DNS-Record
and indent to use the answer.

> 2) Is there any hope to find a way to display an error page instead of
> the great warning when an https connection has been redirected to either
> or ? I tend to think it is not possible, and I
> would prefer not to spend hours around a chimer. I have tried to use the
> unbound generated certificate and an autosigned apache certificate. Is
> it useful to try with a certificate given by Let'sencrypt ? I don't know
> enough about ssl, but I guess the browser cannot be happy to see a
> certificate (even if it is valid) which has nothing to do with the site
> it is trying to connect with.
that's why DNS interception will create trouble. A Browser like to connect
to https://example.org, send the simple question mentioned above, got  
a faked answer from DNS
and still expect to connect to https://example.org

An now think what certificates was build for: to proof, the client is  
connected to the /right/ server...
( ok, not a perfect world ... )

unbound can't help here, it's the wrong layer ...


More information about the Unbound-users mailing list