How to enable DNS over TLS (DoT) / DNS over HTTPS (DoH) in MacOS v. 11+

DNS over TLS (DoT) / DNS over HTTPS (DoH) are ways to encrypt DNS queries and responses between a user's device and the resolving DNS server. For more on this see New in Simple DNS Plus v. 9.0.

Configuring this in MacOS (v. 11 / BigSur or later), requires installing a "configuration profile" file (a file with a ".mobileconfig" extenion), containing data about the DNS server(s) to use.

Various DNS service providers (such as Google, Cloudflare, etc.) provide such files on their web-sites.

You can generate such a file for your own DNS servers at

Enter you company name, select the protocol (DoT or DoH), enter you DNS server host name or query URL, and the DNS server IP addresses, click the Download button, and click/open the downloaded file:

A "Profile installation" message should appear:

Open the system menu, and select "System Preferences...":

Go to "Profiles":

The downloaded profile should appear. Click the "Install..." button:

Click "Install" in the confirmation dialog:

You will be prompted to enter your password to confirm, and then the profile is installed.

Be the first to comment on this page:
(Never published. Used for replies and to show your Gravatar icon. Never used for any other purpose.)