How to Enable or Disable DNS over HTTPS (DoH) in Microsoft Edge Chromium
Microsoft has adopted the Chromium open source project in the development of Microsoft Edge on the desktop to create better web compatibility. This new Microsoft Edge runs on the same Chromium web engine as the Google Chrome browser, offering you best in class web compatibility and performance.
The new Chromium based Microsoft Edge is supported on all versions of Windows 7, Windows 8.1, Windows 10, Windows Server (2016 and above), Windows Server (2008 R2 to 2012 R2), and macOS.
When you type a web address or domain name into your address bar (example:www.tenforums.com ), your browser sends a request over the Internet to look up the IP address for that website.
Traditionally, this request is sent to servers over a plain text connection. This connection is not encrypted, making it easy for third-parties to see what website you’re about to access.
DNS-over-HTTPS (DoH) works differently. It sends the domain name you typed to a DoH-compatible DNS server using an encrypted HTTPS connection instead of a plain text one. This prevents third-parties from seeing what websites you are trying to access.
DNS over HTTPS (DoH) is a protocol for performing remote Domain Name System (DNS) resolution via the HTTPS protocol. A goal of the method is to increase user privacy and security by preventing eavesdropping and manipulation of DNS data by man-in-the-middle attacks by using the HTTPS protocol to encrypt the data between the DoH client and the DoH-based DNS resolver. Encryption by itself does not protect privacy, encryption is simply a method to obfuscate the data. As of March 2018, Google and the Mozilla Foundation started testing versions of DNS over HTTPS.
If wanted, you can enable the Secure DNS lookups flag for an experimental feature in Microsoft Edge to enable DNS over HTTPS. When this feature is enabled, your browser may try to use a secure HTTPS connection to look up the addresses of websites and other web resources.
When enabled, Microsoft Edge will use Google Public DNS servers for the secure resolver protocol.
This tutorial will show you how to disable or enable and specify DNS over HTTPS (DoH) secure DNS provider in the Chromium based Microsoft Edge.
Contents
- Option One: Turn Off or Turn On and Specify DNS over HTTPS (DoH) Provider in Microsoft Edge
- Option Two: Enable or Disable DNS over HTTPS (DoH) in Microsoft Edge for All Users using a REG file
1 Open Microsoft Edge.
2 Click/tap on the Settings and more (Alt+F) 3 dots menu icon. (see screenshot below step 3)
3 Click/tap on Settings. (see screenshot below)
4 Do step 5 (on/change) or step 6 (off) below for what you want.
A) Click/tap on Privacy, search, and services in the left pane. (see screenshot below)
If you do not see a left pane, then widen the horizontal borders of the Microsoft Edge window until you do.
B) Turn on Use secure DNS to specify how to lookup the network address for websites on the right side under Security.
C) Select (dot) Use current service provider (default) or Choose a service provider (custom) for what you want.
D) If you selected Choose a service provider, click/tap inside the Enter custom provider box, and select the DNS over HTTPS (DoH) provider you want to use in the drop menu.
You can also manually enter a custom DOH of your choice.
E) Go to step 7 below.
A) Click/tap on Privacy, search, and services in the left pane. (see screenshot below)
If you do not see a left pane, then widen the horizontal borders of the Microsoft Edge window until you do.
B) Turn off Use secure DNS to specify how to lookup the network address for websites on the right side under Security.
C) Go to step 7 below.
7 You can now close the Settings tab in Microsoft Edge if you like.
You must be sign in as an administrator to do this option.
This option uses the BuiltInDnsClientEnabled policy to enable or disablethe built-in secure DNS client in Microsoft Edge. This does not affect which DNS servers are used; just the software stack which is used to communicate with them. For example if the operating system is configured to use an enterprise DNS server, that same server would be used by the built-in DNS client. It is however possible that the built-in DNS client will address servers in different ways by using more modern DNS-related protocols such as DNS-over-TLS.
If you enable this policy, the built-in DNS client is used, if it's available.
If you disable this policy, the client is never used.
If you don't configure this policy, the built-in DNS client is enabled by default on MacOS, and users can change whether to use the built-in DNS client.
The downloadable .reg files below will add and modify the DWORD value in the registry key below.
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge
BuiltInDnsClientEnabled DWORD
(delete) = Default
0 = Always disabled
1 = Always enabled
1 Do step 2 (enable), step 3 (disable), or step 4 (default) below for what you would like to do.
This step will force the Use secure DNS to specify how to lookup the network address for websites setting in Option One to always be turned on without users being able to change this setting.
A) Click/tap on the Download button below to download the file below, and go to step 5 below.
Force_enable_built-in_secure_DNS_in_Microsoft_Edge.reg
Download
This step will force the Use secure DNS to specify how to lookup the network address for websites setting in Option One to always be turned off without users being able to change this setting.
A) Click/tap on the Download button below to download the file below, and go to step 5 below.
Force_disable_built-in_secure_DNS_in_Microsoft_Edge.reg
Download
This is the default setting.
This step will allow users to use Option One to turned on and off the Use hardware acceleration when available setting in Microsoft Edge.A) Click/tap on the Download button below to download the file below, and go to step 5 below.
Default_user_choice_secure_DNS_in_Microsoft_Edge.reg
Download
5 Save the .reg file to your desktop.
6 Double click/tap on the downloaded .reg file to merge it.
7 When prompted, click/tap on Run, Yes (UAC), Yes, and OK to approve the merge.
8 If Microsoft Edge is currently open, then close and reopen Microsoft Edge to apply.
9 You can now delete the downloaded .reg file if you like.
That's it,
Shawn
Related Tutorials
- How to Enable or Disable DNS over HTTPS (DoH) in Google Chrome
- How to Enable or Disable DNS over HTTPS (DoH) in Firefox
- How to Change IPv4 and IPv6 DNS Server Address in Windows