Hello. I'm running the Flint 2 on firmware version 4.6.4.
AdGuard Home is enabled and working, with load balancing between https://dns.quad9.net/dns-query & tls://dns.quad9.net set as default, with fallbacks set to https://dns.adguard-dns.com/dns-query & tls://dns.adguard-dns.com. However, I seem to be unable to enable secure DNS in the interface because I'm getting the error "Error: control/tls/validate | port 443 is not available, cannot enable HTTPS on it | 400"
The setting "AdGuard Home Handle Client Requests" is enabled, because without it, I don't seem to have Internet access with this firmware version.
In LuCI I have banIP for the ability to filter out IPs from countries specifically known for malware attacks.
Any thoughts as to why I cannot enable secure DNS?
By using the HTTPS DNS from AdGuard Home DNS no port will be open. It is totally fine to use it. Upstream does not matter either, because we are just talking about the DNS-over-HTTPS part of AdGuard Home.
The only reason why it does not work is that the nginx for LuCI and the GL GUI is listening on TCP/443 already.
So I tried adjusting the ports because that seems simple enough. That got rid of the warning, but it won't let me save the changes. Based on some context clues it seems like it wants me to set up a certificate with Let's Encrypt? Happy to learn if it's the right thing to do, but it seems like it might be overkill. I basically wanted to use DNS encryption, to put a little bit of a barrier between my ISP and my entire browsing history, so they couldn't sell it to advertisers directly, or something like that. I don't really have anything nonstandard going on threat model wise. Overkill or worth setting up the certificate for the long haul? Thoughts?
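The port conflict named in the reply (nginx already listening on TCP/443) can be confirmed from the router's shell. The following is an added example, not part of the original posts: it parses `netstat -tlnp` output to name the process holding a port and the next port with no TCP listener. The sample output, PIDs and function names are constructed for illustration.

```shell
#!/bin/sh
# Constructed `netstat -tlnp` output (not captured from a real router).
SAMPLE='Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      2311/nginx: master pro
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      2311/nginx: master pro
tcp        0      0 0.0.0.0:3000            0.0.0.0:*               LISTEN      4120/AdGuardHome
tcp        0      0 :::443                  :::*                    LISTEN      2311/nginx: master pro
tcp        0      0 :::53                   :::*                    LISTEN      4120/AdGuardHome'

# port_owner PORT: reads netstat output on stdin, prints each program
# that has a TCP listener on PORT (one name per line, de-duplicated).
port_owner() {
    awk -v port="$1" '
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            n = split($4, a, ":")          # works for 0.0.0.0:443 and :::443
            if (a[n] != port) next
            owner = $7
            sub(/^[0-9]+\//, "", owner)    # drop the "PID/" prefix
            sub(/:$/, "", owner)           # "nginx: master pro" -> "nginx"
            if (!(owner in seen)) { seen[owner] = 1; print owner }
        }'
}

# first_free_port START: prints the lowest port >= START with no TCP listener.
first_free_port() {
    awk -v p="$1" '
        $1 ~ /^tcp/ && $6 == "LISTEN" { n = split($4, a, ":"); used[a[n] + 0] = 1 }
        END { p += 0; while (p in used) p++; print p }'
}

# report PORT NETSTAT_TEXT: human-readable summary for one port.
report() {
    owner=$(printf '%s\n' "$2" | port_owner "$1")
    if [ -n "$owner" ]; then
        echo "TCP/$1 is held by: $owner (next free: $(printf '%s\n' "$2" | first_free_port "$1"))"
    else
        echo "TCP/$1 is free"
    fi
}

report 443 "$SAMPLE"
# On the router itself: report 443 "$(netstat -tlnp)"
```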