Hi, So this config file is fine, the tls-cert-bundle should work find with a version of unbound that supports the options (eg. 1.9.2). Like, for me, it works. I guess you downgraded and are now using an older version that does not support the tls-cert-bundle option, so the unknown keyword error is accurate?
Best regards, Wouter On 4/3/19 7:52 PM, rollingonchrome via Unbound-users wrote: > Hello, > > Thank you for the replies. I believe I have the tls-cert-bundle > information correctly indented now. But, I am still getting the same > errors as before about unknown keywords and strays. > > It is indented like this: > > server: > > [a few lines omitted] > > #Added for DoT > tls-cert-bundle: "/etc/ssl/certs/ca-certificates.crt" > > Here is a link to my actual conf file if anyone would be willing to take > a look: > https://send.firefox.com/download/83192a35d41caf47/#G4NxNtajpM1KmZgLI-boBg > > I've read that OpenSSL on Jessie doesn't support any TLS except 1.2, so > I'm wondering if that might be this issue. Not sure what version of TLS > Unbound 1.9.1 uses (I downgraded). > > Thank you for your help. > > Best, > > RoC
signature.asc
Description: OpenPGP digital signature
