[UPDATE] - Disabled direct connections with the resolvers for failed certificate retrieved via relay

This commit is contained in:
quindecim 2020-07-06 18:09:47 -04:00
parent 42992fd090
commit dba0411346
1 changed files with 8 additions and 1 deletions

View File

@ -708,7 +708,14 @@ fragments_blocked = ['cisco', 'cisco-ipv6', 'cisco-familyshield', 'cisco-familys
# skip resolvers incompatible with anonymization instead of using them directly # skip resolvers incompatible with anonymization instead of using them directly
skip_incompatible = true skip_incompatible = false
# If public server certificates for a non-conformant server cannot be
# retrieved via a relay, try getting them directly. Actual queries
# will then always go through relays.
direct_cert_fallback = false