DoH not working

Expected Behaviour:

DoH should be working and shown to be active.
OS: Latest Raspberry Pi OS
Hardware: Raspberry Pi Zero W

I followed this guide here: https://docs.pi-hole.net/guides/dns-over-https/ .
When I run the following command I get the output as seen in the link below, suggesting the cloudflared service is running.

sudo systemctl status cloudflared

Output:

● cloudflared.service - cloudflared DNS over HTTPS proxy
   Loaded: loaded (/etc/systemd/system/cloudflared.service; enabled; vendor pres
   Active: active (running) since Sat 2020-08-08 16:01:48 BST; 18h ago
 Main PID: 522 (cloudflared)
   CGroup: /system.slice/cloudflared.service
           └─522 /usr/local/bin/cloudflared proxy-dns --port 5053 --upstream htt

Aug 09 00:07:16 raspberrypi cloudflared[522]: time="2020-08-09T00:07:16+01:00" l
Aug 09 00:07:16 raspberrypi cloudflared[522]: time="2020-08-09T00:07:16+01:00" l
Aug 09 00:07:16 raspberrypi cloudflared[522]: time="2020-08-09T00:07:16+01:00" l
Aug 09 00:07:16 raspberrypi cloudflared[522]: time="2020-08-09T00:07:16+01:00" l
Aug 09 00:07:18 raspberrypi cloudflared[522]: time="2020-08-09T00:07:18+01:00" l
Aug 09 00:07:18 raspberrypi cloudflared[522]: time="2020-08-09T00:07:18+01:00" l
Aug 09 00:07:18 raspberrypi cloudflared[522]: time="2020-08-09T00:07:18+01:00" l
Aug 09 00:07:18 raspberrypi cloudflared[522]: time="2020-08-09T00:07:18+01:00" l
Aug 09 00:07:18 raspberrypi cloudflared[522]: time="2020-08-09T00:07:18+01:00" l
Aug 09 00:07:18 raspberrypi cloudflared[522]: time="2020-08-09T00:07:18+01:00" l
lines 1-17/17 (END)...skipping...
● cloudflared.service - cloudflared DNS over HTTPS proxy
   Loaded: loaded (/etc/systemd/system/cloudflared.service; enabled; vendor preset: enabled)
   Active: active (running) since Sat 2020-08-08 16:01:48 BST; 18h ago
 Main PID: 522 (cloudflared)
   CGroup: /system.slice/cloudflared.service
           └─522 /usr/local/bin/cloudflared proxy-dns --port 5053 --upstream https://1.1.1.1/dns-query --upstream https://1.0.0.1/dns-query

Aug 09 00:07:18 raspberrypi cloudflared[522]: time="2020-08-09T00:07:18+01:00" level=error msg="failed to connect to an HTTPS backend \"https://1.0.0.1/dns-query\"" error="failed to perform an HTTPS request: Post https://1.0.0.1/dns-query\"" error="failed to perform an HTTPS request: Post https://1.0.0.1/dns-query: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)"

Yet when I check here: https://1.1.1.1/help if DoH is active, it says no. See here: https://1.1.1.1/help#eyJpc0NmIjoiTm8iLCJpc0RvdCI6Ik5vIiwiaXNEb2giOiJObyIsInJlc29sdmVySXAtMS4xLjEuMSI6IlllcyIsInJlc29sdmVySXAtMS4wLjAuMSI6IlllcyIsInJlc29sdmVySXAtMjYwNjo0NzAwOjQ3MDA6OjExMTEiOiJObyIsInJlc29sdmVySXAtMjYwNjo0NzAwOjQ3MDA6OjEwMDEiOiJObyIsImRhdGFjZW50ZXJMb2NhdGlvbiI6IkFNUyIsImlzV2FycCI6Ik5vIiwiaXNwTmFtZSI6Ikdsb2JhbCBMYXllciBCLlYuIiwiaXNwQXNuIjoiNDk0NTMifQ==
Why does it say DoH is not active? What am I missing?

Actual Behaviour:

DoH shown to be inactive on this website: https://1.1.1.1/help

Debug Token:

https://tricorder.pi-hole.net/2kv00vj4rp

Your linked image isn't properly readable for me

In this forum, you can either paste images directly (good for colourful screenshots) or paste text and format that via </> Preformatted text (good for command line output, as yours).

Please edit your above post accordingly.

The command result output is missing.

Has the package ca-certificates to be installed?

With your last edit of your original post, you've succeeded in supplying the command output, thanks.

However, neither your initial screenshot nor your command output contains the full error line.
We may miss out significant information.

EDIT: To clarify:

That ends incomplete with (...)/dns-quer.

Are you asking if the package ca-certificates is installed or are you asking if this package needs to be installed in order for DoH to work?

That seems to be a long standing issue with cloudflared, only manifesting itself for some users:

I don't use cloudflared.

You have to check if you need this package (for cloudflared).

I can't find any information on that unfortunately. Shouldn't this package be included in the dependencies if it were needed?

I finally realized why DoH was shown to be inactive!

I was using NordVPN and I'm guessing they don't use DoH and therefore was shown to be inactive. When I turn off my VPN, it shows DoH is active.
Am I right to assume though, that DoH is working as intended while using NordVPN?

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.