Apple Setup
On Apple devices, the cleanest way to turn on encrypted DNS system-wide is a configuration profile. Easy HNS already points users to a profile install flow, so this page keeps that path front and center.
At a glance
Best for
iPhone, iPad, and Mac users who want the easiest Apple-native setup.
Protocol
DoH via Apple DNS profile
Coverage
System-wide
Setup time
2 to 3 minutes
Download link
/resolve/apple
Apple Setup stays focused on the shortest accurate path for this platform.
Guide summary
Important
Apple will usually mark a profile downloaded from the web as not verified unless you sign it through your own management workflow. That is normal for a public profile download.
Before you start
Check 01
Use Safari or another browser that can download a .mobileconfig file.
Check 02
Keep your device connected to the internet during installation.
Check 03
If you already use another encrypted DNS profile, remove or disable it first.
Use the right field for the right input.
URL fields need the full DoH URL. Hostname fields need the DoT hostname only. IP fields need the raw address only.
Profile download
/resolve/apple
Use this Easy HNS resolve path to start the Apple profile download automatically.
Fallback DoH URL
https://dns.easyhns.com/dns-query
Useful for managed environments or manual review.
DoT hostname
dns.easyhns.com
Helpful if you need to compare settings with other devices.
Short steps, no filler.
Follow the route in order, then verify the active DNS setting before changing another layer.
Step 01
Download the profile
Download the Easy HNS configuration profile. On iPhone or iPad, use the downloaded profile prompt. On macOS, open the downloaded file from your browser or Downloads folder.
Step 02
Open the profile screen
On iPhone or iPad, go to Settings > General > VPN & Device Management. On Mac, go to Settings or System Settings > Network > VPN & Filters.
Step 03
Select Easy HNS
Select the Easy HNS profile when it appears in the Apple settings screen.
Step 04
Install and activate
On iOS or iPadOS, choose Install and activate the profile. On macOS, enable the Easy HNS profile from VPN & Filters.
Step 05
Make sure the profile stays enabled
After installation, keep the Easy HNS profile active. If another DNS profile is already active, remove conflicts and reinstall.
How to verify
Open a Handshake domain in Safari after installation. If it loads without needing a browser-specific workaround, the profile is active.
If a Handshake domain still fails, close and reopen the browser once so the new DNS path is picked up cleanly.
On iPhone and iPad, revisit Settings > General > VPN & Device Management and confirm the Easy HNS profile appears as installed.
Troubleshooting
If Settings does not show the profile, download the file again and open it directly from Downloads or Files.
If your device says a profile cannot be installed, remove older DNS or filtering profiles first and retry.
If a captive portal or hotel Wi-Fi behaves strangely after setup, temporarily disable the profile, finish the sign-in flow, then re-enable Easy HNS.
Important note about Handshake website security warnings
Using Easy HNS gives you convenient access to Handshake domains, but standard browsers may still show security warnings for some Handshake websites.
Why? Because most mainstream browsers do not natively validate Handshake trust and DANE/TLSA in the same way they validate the conventional HTTPS web.
As a result:
- some Handshake websites may load over HTTP;
- some may show a browser warning or missing secure indicator;
- this is often a browser trust-model limitation, not automatically proof that the website is malicious.
If you want a stronger Handshake-native browsing experience with DANE/TLSA support, use Fingertip for desktop.
Using a VPN?
Easy HNS still works well with VPNs, but browser Secure DNS can override router or system DNS, and some VPN apps force their own resolver. Use 51.24.7.1 only in IP fields, use https://dns.easyhns.com/dns-query only in DoH fields, and verify which layer is actually winning.
Setup guide
Chrome
Use Chrome Secure DNS and point it at the Easy HNS DoH URL.
Protocol
DoH
Scope
Browser-only
Time
1 minute
Setup guide
Firefox
Firefox can keep DNS lookups in the browser using DNS over HTTPS protection.
Protocol
DoH
Scope
Browser-only
Time
1 to 2 minutes
Setup guide
Advanced
Exact Easy HNS endpoints for manual clients, custom templates, scripts, and infrastructure tooling.
Protocol
DoH, DoT, plain DNS
Scope
Varies
Time
Depends on platform