On Oct 31, 2015, at 1:04 PM, FritzS - gmx <fri...@gmx.net> wrote:
> Now I updated port and unbound too, but it don’t work
> http://dnssectest.sidnlabs.nl/test.php
> says
> 'You are not protected
> Permissive mode detected:
> Your DNSSEC is configured in "permissive mode" (or you use a combination of
> validating- and non-validating resolvers) and as such you are not protected.’
that test tests whatever your system resolver(s) are, which may include things
other than the unbound that you are running.
You should use `dig` to troubleshoot since you can tell it which resolver to
test.
> /opt/local/etc/unbound/root.key are renewed at each boot.
>
> Must unbound.pid in the same directory as root.key?
no
> What could be wrong?
>
> My current unbound.conf
> # auto-trust-anchor-file: "/opt/local/var/run/unbound/root.key“
>
> # I testet both path below
> # auto-trust-anchor-file: "/opt/local/etc/unbound/root.key"
> auto-trust-anchor-file: "/root.key"
this part is likely what you didn't get right.
You want:
auto-trust-anchor-file: "/opt/local/etc/unbound/root.key"
--
Daniel J. Luke
+========================================================+
| *---------------- dl...@geeklair.net ----------------* |
| *-------------- http://www.geeklair.net -------------* |
+========================================================+
| Opinions expressed are mine and do not necessarily |
| reflect the opinions of my employer. |
+========================================================+
_______________________________________________
macports-users mailing list
macports-users@lists.macosforge.org
https://lists.macosforge.org/mailman/listinfo/macports-users
