can stats channel be config'd for (only) secure access?
does it use the 'tls' config, or other?
Not at the moment.
ok
Please note the statistics channel must not be exposed to any unauthorized
access, so the most safe way is to expose it only on localhost anyway - and
then TLS is just overhead.
yup
exposed in bind conf only on localhost+port,
config'd stunnel as frontend TLS terminator, with TLS cert authentication
required,
added own-CA self-signed cert,
and works well enough
thx
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users