Failed get request on stubby to Ubuntu knot-resolver server
Server: Ubuntu 18.04 64bit Installation source: apt install knot-resolver
Server
kresd.conf
-- net = { net.ens160 }
net.tls('/etc/letsencrypt/live/de.dns.xxx.com/fullchain.pem','/etc/letsencrypt/live/de.dns.xxx.com/privkey.pem')
net.listen('::', 853)
net.listen('0.0.0.0', 853)
Mbpr client
I use brew install stubby with this config
tls_authentication: GETDNS_AUTHENTICATION_REQUIRED
upstream_recursive_servers:
- address_data: x.x.x.x
tls_auth_name: "de.dns.xxx.com"
tls_pubkey_pinset:
- digest: "sha256"
value: Pxasdfsip3LTYnkiAa7hGqjXcWmSTD8GTC9ECAiU=
I get the SKIP PIN, with this cmd in my Mbpr
echo | openssl s_client -connect 'x.x.x.x:853' 2>/dev/null | openssl x509 -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64
But it wont work, I mean can't authenticate.
On my server side, I got this message https://pastebin.com/U9JfNBLR