Hi, to my understanding it is feasible to have DNSSEC served for private zones in stub-zone, requiring a trusted key entry with the public key in config - that would be trough > trusted-keys-file: <, right?
Since the authoritative server being Bind 9.13.0 I thought it would make sense to utilize its zone file straight away for unbound as > trusted-keys-file: "/var/named/mail.db" <. However, unbound is reporting /etc/unbound/var/named/mail.db: No such file or directory [1532614243] unbound-checkconf[2467:0] fatal error: trusted-keys-file: "/var/named/mail.db" does not exist in chrootdir /etc/unbound There is no chroot directive in the unbound conf however...
