cloudflare / cloudflared

Cloudflare Tunnel client (formerly Argo Tunnel)
https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/tunnel-guide
Apache License 2.0

Certificate Invalid DoH - Windows #64

Open djeraseit opened 5 years ago

djeraseit commented 5 years ago

Seeing this in PowerShell on the Windows client

←[31mERRO←[0m[15232] failed to connect to an HTTPS backend "https://1.1.1.1/dns-query" ←[31merror←[0m="failed to perform an HTTPS request: Post https://1.1.1.1/dns-query: x509: certificate is valid for 1.1.1.1, 1.0.0.1, 2606:4700:4700::1111, 2606:4700:4700::1001, not 1.1.1.1"

←[31mERRO←[0m[15232] failed to connect to an HTTPS backend "https://1.0.0.1/dns-query" ←[31merror←[0m="failed to perform an HTTPS request: Post https://1.0.0.1/dns-query: x509: certificate is valid for 1.1.1.1, 1.0.0.1, 2606:4700:4700::1111, 2606:4700:4700::1001, not 1.0.0.1"

sssilver commented 5 years ago

@djeraseit two things:

  1. Make sure you're running the latest version of cloudflared. If you are, please let us know so we can look into the strange escape characters within your PowerShell output.
  2. Make sure nothing along the way (firewalls, etc.) blocks outbound traffic to https://1.1.1.1

k79e commented 5 years ago

I can use IE to open one.one.one.one and the certificate is OK, but not 1.1.1.1. IDK why. I also sniffed the network and found that every time the DoH lookup failed, it showed a "bad certificate" [image]

This bad certificate is sent by cloudflared.exe

ERRO[0012] failed to connect to an HTTPS backend "https://1.1.1.1/dns-query" error="failed to perform an HTTPS request: Post https://1.1.1.1/dns-query: x509: certificate is valid for 1.1.1.1, 1.0.0.1, 162.159.132.53, 2606:4700:4700::1111, 2606:4700:4700::1001, 2606:4700:4700::64, 2606:4700:4700::6400, 162.159.36.1, 162.159.46.1, not 1.1.1.1"

ERRO[0013] failed to connect to an HTTPS backend "https://1.0.0.1/dns-query" error="failed to perform an HTTPS request: Post https://1.0.0.1/dns-query: x509: certificate is valid for 1.1.1.1, 1.0.0.1, 162.159.132.53, 2606:4700:4700::1111, 2606:4700:4700::1001, 2606:4700:4700::64, 2606:4700:4700::6400, 162.159.36.1, 162.159.46.1, not 1.0.0.1"

I'm using the 2019.6 version

k79e commented 5 years ago

Look at this here: https://github.com/golang/go/issues/30985