FORUMS

keweonDNS - now with improved Certificate (iOS, Mac & Android)

1,730 posts
Thanks Meter: 4,389
 
Post Reply Email Thread
9th March 2020, 11:24 AM |#2951  
Senior Member
Thanks Meter: 1,430
 
More
Quote:
Originally Posted by MrT69

Therefore exist the Root Certficate.

If you block with HOST or PIHole then you will allway get this stupid error message. When you block Ads & all this crap it's a normal behavior.

Therefore exists the keweon Root Certificate. It's only there to supress this error messages, it will also prevent Adblock detection and in addition it will speed up your website because there are not anylonger HTTPS errors.

Go to https://pki.keweon.center - download happens after 3 seconds. Install it and you will see the difference.

Stopped today. No errors now. Only thing I changed is to allow device admin - not sure if anything changed on your end...
The Following User Says Thank You to levone1 For This Useful Post: [ View ] Gift levone1 Ad-Free
10th March 2020, 08:05 PM |#2952  
Senior Member
Thanks Meter: 1,430
 
More
Quote:
Originally Posted by MrT69

Do you still have Cert Errors??

Ok, so seems like the issue is with Naked Browser - sorry.. It's my favorite browser, but I guess it needs a new update or something. Other browsers are fine...
The Following User Says Thank You to levone1 For This Useful Post: [ View ] Gift levone1 Ad-Free
11th March 2020, 12:48 AM |#2953  
MrT69's Avatar
OP Senior Member
Flag Königsbrunn
Thanks Meter: 4,389
 
Donate to Me
More
keweonDNS - DNSCrypt (DoH) for Windows

If you want to run keweonDNS (via DoH) on Windows direct then do it within easy steps:

1. Download the dnscrypt-proxy client for Windows here

2. Unzip the download to a folder of your choice.

3. Create an empty file with the name inside the folder:
dnscrypt-proxy.toml

4. Open this page and copy the content into the "dnscrypt-proxy.toml" file:
https://pastebin.com/raw/gKrSKPBW

If you have no access to pastebin because of censorship then use this:

Quote:

# keweonDNS @ DNSCloak (Config Edition v0.6)
# Tested on Windows 10 with dnscrypt-proxy (2.0.39)
#
# Date: 2020-03-10
# —————————————————————————————————————————————————— ——————————————————————————————————————————————————
#
# Download:
# https://github.com/dnscrypt/dnscrypt...eleases/latest
#
# Windows:
# https://github.com/DNSCrypt/dnscrypt...n64-2.0.39.zip
#
# —————————————————————————————————————————————————— ——————————————————————————————————————————————————
#
# v0.2
# - Corrected some Settings
# - fixed DNS stamps
# - adjust cache settings
#
# v0.3
# - Added virtual & physical instance
# - removed IP address binding
# - changed DNS Stamp to HA Address
#
# v0.4
# - minor changes on the config
# - adjusted cache settings
# - added load balance option
# - encreased the DNS response speed
# - encreased cache size
# - encreased cache time
# (at the moment keweon can provide 1 update max. by day)
#
# v0.6
# - removed DNSCrypt Server entries
#
# ————————————————————————————————————————
# ————————————————————————————————————————
#
# Go to config edit and paste this complete
# Select keweonDOH Server and enjoy it
#
# This is the default DNSCloak config file
# You may override or add any dnscrypt-proxy option
# Custom lists & static servers are supported
#
# PLEASE READ CAREFULLY:
#
# LISTEN_ADDRESSES: DNSCloak will force include
# "127.0.0.1:53" and "[::1]:53"
#
# SOURCES: do not specify cache_file - DNSCloak will set
# this property using source name ([sources.foobar] -> foobar.md)
#
# ALL LOGS: use UI or specify anything - DNSCloak will
# override these properties with propper files
#
# ALL BLACKLISTS, CLOAKING, FORWARDING RULES: use UI
# to pick rules files or to toggle these features


listen_addresses = [ "127.0.0.1:53", "[::1]:53" ]

ipv4_servers = true
ipv6_servers = true

max_clients = 350
dnscrypt_servers = true
doh_servers = true

require_dnssec = false
require_nolog = false
require_nofilter = false
force_tcp = false

tls_disable_session_tickets = false
dnscrypt_ephemeral_keys = false
timeout = 2500
cert_refresh_delay = 240
block_ipv6 = false

cache = true
cache_size = 10000
cache_min_ttl = 900
cache_max_ttl = 14400
cache_neg_ttl = 10

# ————————————————————————————
# keweonDNS Server as fallback
# ————————————————————————————
fallback_resolver = "136.243.69.38:53"

ignore_system_dns = true

log_files_max_size = 10
log_files_max_age = 7
log_files_max_backups = 1

netprobe_timeout = 0
lb_strategy = 'fastest'

[static.'keweonDNS DoH (Physical)']
stamp = 'sdns://AgIAAAAAAAAAAAARZG5zLmtld2Vvbi5jZW50ZXIHL25lYnVsbw '

[static.'keweonDNS DoH (Virtual)']
stamp = 'sdns://AgIAAAAAAAAAAAAPZG9oLmFzZWNkbnMuY29tBy9uZWJ1bG8'


5. Go to the folder you created and run the file by double click:
service-install.bat

6. Press WIN + R and type cmd

7. Type: nslookup (and press return)

8. Type: server 127.0.0.1 (and press return)

9. Type: 0.start.bz (and press return)

10. Now the answer should exactly be as like as this:



Change your default DNS Server on Windows to 127.0.0.1 and everything is working as expected.
The Following 2 Users Say Thank You to MrT69 For This Useful Post: [ View ] Gift MrT69 Ad-Free
11th March 2020, 01:25 AM |#2954  
wkobaint's Avatar
Senior Member
Thanks Meter: 150
 
More
Quote:
Originally Posted by MrT69

keweonDNS - DNSCrypt (DoH) for Windows

If you want to run keweonDNS (via DoH) on Windows direct then do it within easy steps:

1. Download the dnscrypt-proxy client for Windows here

2. Unzip the download to a folder of your choice.

3. Create an empty file with the name inside the folder:
dnscrypt-proxy.toml

4. Open this page and copy the content into the "dnscrypt-proxy.toml" file:
https://pastebin.com/raw/gKrSKPBW

If you have no access to pastebin because of censorship then use this:



5. Go to the folder you created and run the file by double click:
service-install.bat

6. Press WIN + R and type cmd

7. Type: nslookup (and press return)

8. Type: server 127.0.0.1 (and press return)

9. Type: 0.start.bz (and press return)

10. Now the answer should exactly be as like as this:



Change your default DNS Server on Windows to 127.0.0.1 and everything is working as expected.

Thank you so much.

Regarding the certificate, is still error on Android 10 when I try to access https://i.love.keweon/

As per instructions on the OP, try to open the https://i.love.keweon/ if you want the certificate it work or not. Am I right?
The Following User Says Thank You to wkobaint For This Useful Post: [ View ] Gift wkobaint Ad-Free
11th March 2020, 11:31 AM |#2955  
MrT69's Avatar
OP Senior Member
Flag Königsbrunn
Thanks Meter: 4,389
 
Donate to Me
More
Quote:
Originally Posted by wkobaint

Thank you so much.

Regarding the certificate, is still error on Android 10 when I try to access https://i.love.keweon/

As per instructions on the OP, try to open the https://i.love.keweon/ if you want the certificate it work or not. Am I right?

For some unknown reasons I have had disabled this within the database.
May be to less coffee or something like this - I have no idea why.

Now it's enabled again. Thanks for this!!!!
The Following User Says Thank You to MrT69 For This Useful Post: [ View ] Gift MrT69 Ad-Free
22nd March 2020, 04:23 PM |#2956  
wkobaint's Avatar
Senior Member
Thanks Meter: 150
 
More
Please let me know the update server for nebulo app. Thanks.
23rd March 2020, 03:36 AM |#2957  
Junior Member
Thanks Meter: 0
 
More
Private dns (dns.keweon.center) won't work with noroot firewall.
With the same settings quad9 and cloudflare works. Any help with the configuration will be appreciated. Thanks.
25th March 2020, 09:02 AM |#2958  
Senior Member
Thanks Meter: 58
 
More
Quote:
Originally Posted by black.goku

Private dns (dns.keweon.center) won't work with noroot firewall.
With the same settings quad9 and cloudflare works. Any help with the configuration will be appreciated. Thanks.

Im using dot.asecdns.com on Android 10 private dns and it works.
tried dns.keweon.center, not blocking ads.
26th March 2020, 03:28 AM |#2959  
rmn.br's Avatar
Senior Member
Flag Prague
Thanks Meter: 204
 
More
Quote:
Originally Posted by datsoy

Im using dot.asecdns.com on Android 10 private dns and it works.
tried dns.keweon.center, not blocking ads.

I'm using dns.keweon.center and on my side blocking ads.

Sent from my SM-G985F using XDA Labs
29th March 2020, 07:29 PM |#2960  
MrT69's Avatar
OP Senior Member
Flag Königsbrunn
Thanks Meter: 4,389
 
Donate to Me
More
Is there still a problem with:

dns.keweon.center or dns.keweon.center/nebulo

that should be fixed now.

Btw...
For more server Infos here you have a tiny overview about the current systems:

https://serverinfo.keweon.center
The Following 5 Users Say Thank You to MrT69 For This Useful Post: [ View ] Gift MrT69 Ad-Free
29th March 2020, 09:37 PM |#2961  
Member
Flag kebili
Thanks Meter: 6
 
More
Quote:
Originally Posted by MrT69

If you have a Stock ROM then I recommend it to do it via DNS Changer App or via Nebulo. That's much more easy then Magisk.

hi , now i have an android 10 samsung a50 , how can i use keweon dns on private Dns that already exist in stock without installing third party app?
thanks.
Post Reply Subscribe to Thread

Tags
adblocker, dns

Guest Quick Reply (no urls or BBcode)
Message:
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes