b140d4d82a
- 313 new markdown files created - 30 relationships embedded - 313 entries indexed - State initialized with usage data
945 B
945 B
| id | type | title | tags | importance | confidence | created | updated | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 82d410a0-4d87-4905-b054-a1fe45c93eea | solution | Brave ERR_SSL_UNRECOGNIZED_NAME fix for local reverse proxy with Cloudflare DNS |
|
0.8 | 0.8 | 2026-02-08T04:44:36.127352+00:00 | 2026-02-08T04:44:36.127352+00:00 |
Chromium-based browsers (Brave, Chrome, Edge) fail with ERR_SSL_UNRECOGNIZED_NAME when accessing domains routed to a local reverse proxy (NPM) if Cloudflare publishes ECH keys in the HTTPS DNS record (TYPE65). The browser tries Encrypted Client Hello but the local NPM doesn't support it. Fix: Create Chromium enterprise policy at /etc/brave/policies/managed/disable-ech.json with {"EncryptedClientHelloEnabled": false}. Pi-hole FTL v6 does NOT honor local= or dns-rr directives for TYPE65 records, so DNS-level blocking is not viable. Firefox is unaffected as it handles ECH fallback gracefully.