dy1977--- via Unbound-users:
1) Is it possible to distinguish, at the level of the "operate" function
in the python script, if the connection is http or https ?
no, there is no indication about the purpose a client ask for a DNS-Record
and indent to use the answer.
2) Is there any hope to find a way to display an error page instead of
the great warning when an https connection has been redirected to either
127.0.0.1 or 192.168.1.184 ? I tend to think it is not possible, and I
would prefer not to spend hours around a chimer. I have tried to use the
unbound generated certificate and an autosigned apache certificate. Is
it useful to try with a certificate given by Let'sencrypt ? I don't know
enough about ssl, but I guess the browser cannot be happy to see a
certificate (even if it is valid) which has nothing to do with the site
it is trying to connect with.
that's why DNS interception will create trouble. A Browser like to connect
to https://example.org, send the simple question mentioned above, got
a faked answer from DNS
and still expect to connect to https://example.org
An now think what certificates was build for: to proof, the client is
connected to the /right/ server...
( ok, not a perfect world ... )
unbound can't help here, it's the wrong layer ...
Andreas
