DNS over HTTPS (DoH) is a relatively new protocol that encrypts domain name system traffic by passing DNS queries through a Hypertext Transfer Protocol Secure encrypted session.
DoH seeks to improve online privacy by hiding DNS queries from view.
This script has been tested on MikroTik RouterOS 6.x and 7.x.
In this example we're using Cloudflare's DoH server.
Download Certificate
/tool fetch url=https://curl.se/ca/cacert.pem
Import Certificate
/certificate import file-name=cacert.pem passphrase=""
Set DoH Server
/ip dns set use-doh-server=https://cloudflare-dns.com/dns-query verify-doh-cert=yes
Hardcode Cloudflare Domains
/ip dns static
add name=cloudflare-dns.com address=2606:4700::6810:f8f9
add name=cloudflare-dns.com address=2606:4700::6810:f9f9
add name=cloudflare-dns.com address=104.16.248.249
add name=cloudflare-dns.com address=104.16.249.249
Remove hard coded servers
/ip dns set servers=""
Remove Peer DNS
/ip dhcp-client set 0 use-peer-dns=no
/ipv6 dhcp-client set 0 use-peer-dns=no
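Verify the Configuration
A check to run after the last step, as an added example that is not part of the original script: it reads the settings back and reports anything that differs from what the steps above set. The local variable names and the lookup name example.com are assumptions.

```routeros
# Added example: read back the DoH configuration from the steps above.
# Local variable names and the lookup name example.com are assumptions.
{
    :local doh [/ip dns get use-doh-server]
    :local verify [/ip dns get verify-doh-cert]
    :local cfgServers [:len [/ip dns get servers]]
    :local dynServers [:len [/ip dns get dynamic-servers]]
    :local pinCount [:len [/ip dns static find where name="cloudflare-dns.com"]]
    :local peer4 [:len [/ip dhcp-client find where use-peer-dns=yes]]
    :local peer6 [:len [/ipv6 dhcp-client find where use-peer-dns=yes]]
    :local problems 0

    :if ($doh != "https://cloudflare-dns.com/dns-query") do={
        :put ("FAIL use-doh-server is: " . $doh)
        :set problems ($problems + 1)
    }
    # Without certificate verification the DoH endpoint is not authenticated.
    :if ($verify != true) do={
        :put "FAIL verify-doh-cert is not enabled"
        :set problems ($problems + 1)
    }
    # Plain resolvers should be gone after the last two steps.
    :if (($cfgServers + $dynServers) > 0) do={
        :put "FAIL static or dynamic DNS servers are still configured"
        :set problems ($problems + 1)
    }
    # With no plain resolvers, the DoH hostname must come from static entries.
    :if ($pinCount = 0) do={
        :put "FAIL no static entry for cloudflare-dns.com"
        :set problems ($problems + 1)
    }
    :if (($peer4 + $peer6) > 0) do={
        :put "FAIL a DHCP client still has use-peer-dns=yes"
        :set problems ($problems + 1)
    }

    # Flush the cache so the lookup below cannot be answered from it.
    /ip dns cache flush
    :do {
        :put ("resolved example.com to " . [:resolve "example.com"])
    } on-error={
        :put "FAIL lookup of example.com did not succeed"
        :set problems ($problems + 1)
    }
    :put ("problems found: " . $problems)
}
```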