Hi. Try adding the --with-ssl compile option. You can then run unbound with -d and -v for debug information during startup, which will give you more info on why it is not working.
On Mon, Feb 22, 2021 at 10:36:22AM -0600, Ronald Nutter via Unbound-users wrote:
> I have been using Unbound with DoT but would like to see about moving over
> to HTTPS. Have been looking for how to do this but what I have found so
> far doesn't give me the information I am looking for. I have some
> experience with Linux but am nowhere near being a programmer.
>
> Here is what I have found so far -
>
> # Since I installed using apt, figure that I should uninstall it first
>
> sudo apt remove unbound
>
>
> # Download/compile unbound to use DoH
> wget http://www.nlnetlabs.nl/downloads/unbound/unbound-1.13.1.tar.gz
> tar -zxvf unbound-1.13.1.tar.gz (missing step?)
> ./configure --with-libnghttp2
> make
> make install
>
> #configuring unbound to use DoH
> server:
> interface: 127.0.0.1@443
> tls-service-key "key.pem"
> tls-service-pem: "cert.pem"
>
> # Adapted from TLS/DoT instructions, so not sure about this
> forward-zone:
> name: "."
> forward-tls-upstream: yes
> # Cloudflare DNS
> forward-addr: 2606:4700:4700::1111@443#cloudflare-dns.com
> forward-addr: 1.1.1.1@443#cloudflare-dns.com
> forward-addr: 2606:4700:4700::1001@443#cloudflare-dns.com
> forward-addr: 1.0.0.1@443#cloudflare-dns.com
>
> Is this correct?
> Would appreciate any pointers in helping get this to work
>
> Thanks,
> Ron
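A pre-flight check for the `server:` section quoted above, added here as an example; it is not part of either message and not NLnet Labs code. The function names are made up, the sample is constructed from the quoted fragment, and the `https-port` default of 443 is taken from unbound.conf(5); `unbound-checkconf` remains the authoritative check.

```shell
# Added example: lint an unbound.conf fragment (stdin) for a DoH listener.
# Prints one finding per line; returns 0 only when nothing is found.
check_doh_conf() {
    awk '
    /^[ \t]*#/ { next }                          # skip comment lines
    /^[ \t]*$/ { next }                          # skip blank lines
    {
        line = $0
        gsub(/^[ \t]+|[ \t]+$/, "", line)
        if (line !~ /^[a-z0-9-]+:/) {            # every option is "name: value"
            printf "line %d: no colon after option name: %s\n", NR, line
            bad++
            next
        }
        key = line; sub(/:.*/, "", key)
        val = line; sub(/^[^:]*:[ \t]*/, "", val); gsub(/"/, "", val)
        if (key == "tls-service-key") have_key = 1
        if (key == "tls-service-pem") have_pem = 1
        if (key == "https-port")      port = val
        if (key == "interface")       ifaces[++n] = val
    }
    END {
        if (port == "") port = 443               # default per unbound.conf(5)
        if (!have_key) { print "tls-service-key is not set"; bad++ }
        if (!have_pem) { print "tls-service-pem is not set"; bad++ }
        for (i = 1; i <= n; i++)                 # DoH is served only on @https-port
            if (ifaces[i] ~ ("@" port "$")) doh = 1
        if (!doh) { print "no interface listens on https-port " port; bad++ }
        exit (bad > 0)
    }'
}

# Constructed sample: the server: section as quoted in the message above.
sample_as_posted() {
    cat <<'EOF'
server:
    interface: 127.0.0.1@443
    tls-service-key "key.pem"
    tls-service-pem: "cert.pem"
EOF
}

# The same fragment with the colon restored (assumed corrected form).
sample_fixed() {
    sample_as_posted | sed 's/^\( *tls-service-key\) /\1: /'
}

sample_as_posted | check_doh_conf || echo "fix the findings above first"
```
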
