dave14305
Part of the Furniture
I discovered this site below via privacytools.io and it has downloadable DNS profiles for most of the major encrypted DNS providers, using the newest Apple native Encrypted DNS functions. So the way it works is you download the profile of the service you want to use to your device and install it as a Profile in iOS/iPadOS, etc. and it will force the use of this resolver at the OS level. Similar to the 1.1.1.1 App for iOS that used to simulate a VPN to achieve the same thing. Quad9 only has an Android app, so you can now roll your own.
The downside is that these profiles are written for DNS-over-HTTPS, which is a turnoff for some (compared to DNS-over-TLS). I actually have a DoT profile I made for Quad9 (9.9.9.11) that only turns on when my iPhone is off my home WiFi. It's posted below in the Spoiler as an example.
Alternative gitlab link if the above seems suspicious:
nitrohorse / encrypted-dns-configs · GitLab
Encrypted DNS configuration profiles for Apple devices. https://encrypted-dns.party
gitlab.com
XML:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>PayloadDisplayName</key>
    <string>Quad9-ECS DNS over TLS</string>
    <key>PayloadOrganization</key>
    <string>encrypted-dns.party</string>
    <key>PayloadDescription</key>
    <string>This profile enables Quad9 with extended client subnet DNS over TLS on all networks using the iOS 14 / iPadOS 14 / tvOS 14 / macOS Big Sur Encrypted DNS feature.
Downloaded from encrypted-dns.party.</string>
    <key>ConsentText</key>
    <dict>
        <key>default</key>
        <string>Privacy policy:
https://quad9.net/policy</string>
    </dict>
    <key>PayloadIdentifier</key>
    <string>com.apple.dnsSettings.managed.88ced91f-3a79-4ffa-8692-0df6a4f967dd</string>
    <key>PayloadScope</key>
    <string>User</string>
    <key>PayloadType</key>
    <string>Configuration</string>
    <key>PayloadUUID</key>
    <string>A1E2F262-DB73-40F6-BD22-2E42A43A3C94</string>
    <key>PayloadVersion</key>
    <integer>1</integer>
    <key>PayloadContent</key>
    <array>
        <dict>
            <key>DNSSettings</key>
            <dict>
                <key>DNSProtocol</key>
                <string>TLS</string>
                <key>ServerAddresses</key>
                <array>
                    <string>9.9.9.11</string>
                    <string>2620:fe::11</string>
                    <string>149.112.112.11</string>
                    <string>2620:fe::fe:11</string>
                </array>
                <key>ServerName</key>
                <string>dns.quad9.net</string>
            </dict>
            <key>OnDemandRules</key>
            <array>
                <dict>
                    <key>Action</key>
                    <string>Disconnect</string>
                    <key>SSIDMatch</key>
                    <array>
                        <string>MyWiFiSSID1</string>
                        <string>MyWiFiSSID2</string>
                    </array>
                </dict>
                <dict>
                    <key>Action</key>
                    <string>Connect</string>
                </dict>
            </array>
            <key>PayloadType</key>
            <string>com.apple.dnsSettings.managed</string>
            <key>PayloadIdentifier</key>
            <string>com.apple.dnsSettings.managed.1824a829-94b9-4308-b603-d0849c532944</string>
            <key>PayloadUUID</key>
            <string>A1E2F262-DB73-40F6-BD22-2E42A43A3C94.3C8F875F-45B8-4ACF-9F84-244D3D6DF258.d84df4</string>
            <key>PayloadDisplayName</key>
            <string>Quad9 ECS DNS over TLS</string>
            <key>PayloadVersion</key>
            <integer>1</integer>
        </dict>
    </array>
</dict>
</plist>
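A check one might run on a downloaded DNS profile before installing it, shown on a constructed sample that mirrors the profile in the post above (an added example, not part of the original post or the encrypted-dns.party project). The rule evaluation is a simplification and an assumption: the first matching rule wins and only `SSIDMatch` is modeled.

```python
import plistlib

DNS_TYPE = "com.apple.dnsSettings.managed"

def dns_payloads(profile_bytes):
    """Return every DNS settings payload found in a .mobileconfig plist."""
    profile = plistlib.loads(profile_bytes)
    return [p for p in profile.get("PayloadContent", [])
            if p.get("PayloadType") == DNS_TYPE]

def findings(payload):
    """List problems worth resolving before the profile is installed."""
    dns = payload.get("DNSSettings", {})
    proto = dns.get("DNSProtocol")
    issues = []
    if proto not in ("TLS", "HTTPS"):
        issues.append(f"unexpected DNSProtocol: {proto!r}")
    if proto == "TLS" and not dns.get("ServerName"):
        issues.append("DoT without ServerName: no hostname to validate the certificate against")
    if proto == "HTTPS" and not str(dns.get("ServerURL", "")).startswith("https://"):
        issues.append("DoH without an https:// ServerURL")
    return issues

def action_for(payload, ssid):
    """First matching rule wins; ssid=None models a non-Wi-Fi network.
    Assumption: only SSIDMatch is modeled, other match keys are ignored."""
    rules = payload.get("OnDemandRules")
    if not rules:
        return "Connect"  # no rules present: the DNS settings always apply
    for rule in rules:
        wanted = rule.get("SSIDMatch")
        if wanted is None or ssid in wanted:
            return rule.get("Action")
    return None  # no rule matched

# Constructed sample mirroring the profile in the post above.
SAMPLE = plistlib.dumps({"PayloadType": "Configuration", "PayloadContent": [{
    "PayloadType": DNS_TYPE,
    "DNSSettings": {"DNSProtocol": "TLS", "ServerName": "dns.quad9.net",
                    "ServerAddresses": ["9.9.9.11", "149.112.112.11"]},
    "OnDemandRules": [{"Action": "Disconnect", "SSIDMatch": ["MyWiFiSSID1", "MyWiFiSSID2"]},
                      {"Action": "Connect"}]}]})

if __name__ == "__main__":
    for p in dns_payloads(SAMPLE):
        print(findings(p), {s: action_for(p, s) for s in ("MyWiFiSSID1", "CafeWiFi", None)})
```

To audit a real download, pass the file's bytes to `dns_payloads` instead of `SAMPLE`; a signed profile would need its signature wrapper removed first, which this sketch does not handle.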