Updated that Chrome v78 is now out.
Before we get started, you MUST have 184.108.40.206 (or another DNS over HTTPS resolver) enabled in Windows or at your router. Chrome will only use DoH if your system already is using one of these resolvers.
To see if your router is broadcasting the correct IPs, run this command in an command prompt:
The "address" field MUST say either 220.127.116.11, 18.104.22.168,
2606:4700:4700::1001. If it does not, you will have to set it up via these setup instructions.
Now, to enable it in Chrome:
- Go to chrome://flags/ in a new tab
- search for "secure dns"
- turn it to enabled (this will likely not show up if you have a browser managed by your school or work)
4. restart Chrome (go to
chrome://restart in the URL bar)
5. go to this page to verify that "Using DNS over HTTPS (DoH)" shows as "yes"
If you use a DoH server other than Cloudflare, the "using DoH" option will say "no" since this only detects the use of 22.214.171.124 DoH.
Original blog post:
Chrome has had DNS over HTTPS support available since February of 2018, however, Google has had the feature disabled as they work on the UI and make sure this doesn't cause deployment issues with the many environments where Chrome runs (schools, enterprises, etc).
As per https://crbug.com/799753#c8 (comment 8), you can enable DOH on Chrome prematurely by appending command line options when starting Chrome.
To enable this on Windows, right click Chrome on your taskbar, then right click "Google Chrome" again and select "properties".
Now you'll see information about the Chrome shortcut. In the "target" text box, replace the entire box with the following text:
chrome.exe --enable-features="dns-over-https<DoHTrial" --force-fieldtrials="DoHTrial/Group1" --force-fieldtrial-params="DoHTrial.Group1:server/https%3A%2F%2F126.96.36.199%2Fdns-query/method/POST
Finally, close chrome (or type
chrome://quit in your url box) then open it back up (via the shortcut). This enables the feature and sets the DoH resolver to Cloudflare's 188.8.131.52 resolver. If you also launch Chrome via the desktop icon, perform the same actions on that desktop shortcut.
To confirm DNS over HTTPS is set up, you can visit 184.108.40.206/help and "Using DNS over HTTPS" should be a "Yes".
If you use a different operating system, see this chromium wiki post for instructions on starting Chrome with command line options. Use these flags:
--enable-features="dns-over-https<DoHTrial" --force-fieldtrials="DoHTrial/Group1" --force-fieldtrial-params="DoHTrial.Group1:server/https%3A%2F%2F220.127.116.11%2Fdns-query/method/POST