Hi Dago, > I am just fiddling with the latest gnutls and got a configure time error: > >> DNSSEC root key file: /etc/unbound/root.key
Aside: Is gnutls assuming this path or picking it up from something delivered by the unbound packages? >> >> configure: WARNING: >> *** >> *** The DNSSEC root key file in /etc/unbound/root.key was not found. >> *** This file is needed for the verification of DNSSEC responses. >> *** Use the command: unbound-anchor -a "/etc/unbound/root.key" >> *** to generate or update it. >> *** > > Any advice on how we should handle this? Add the key to libunbound2? > Ihsan? My initial reaction to this was that including the "config" file in the library package wasn't the right thing to do, but after reading about it and thinking some more, I think your suggestion is ok. Originally I thought a -data package to deliver this (and similar files from unbound if they exist) might be a better option but that seems to heavy and counter-productive. The recipe for unbound could automate creating root.key at every re-spin using the procedure described here: http://www.unbound.net/documentation/howto_anchor.html Ihsan? Thanks -Ben _______________________________________________ maintainers mailing list [email protected] https://lists.opencsw.org/mailman/listinfo/maintainers .:: This mailing list's archive is public. ::.
