Thank you for coming back and sharing that here. 
Your latest reply has moved away from a general question about identifying clients when using Pi-hole behind a DoH/DoT proxy to a guide configuring a specific software package to use ECS.
I also note that you've included instructions for making Pi-hole's UI available via HTTPS, which is a different task altogether and also
a. wasn't part of your original question
b. is already covered by a few existing topics, e.g. Enabling HTTPS for your Pi-hole Web Interface
c. will be supported out of the box by upcoming Pi-hole v6
I'm therefore going to split your last post into a separate topic in the Community How-Tos category.
Feel free to edit that topic's title if my choice would need some improvement. 