On 14-02-12 10:03, Phil Mayers wrote: > With unbound on your server, you should be able to do: > > dig +dnssec @server <signed name> > > ...and get back a response with the "ad" flag set e.g. > > $ dig +dnssec org ns > ... > ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 7 > ^^ AD flag set
This now works. I have solved it by adding the following line to my unbound.conf on my server: auto-trust-anchor-file: "/etc/unbound/root.key" I thought this path would be the default path and was not needed to specify. But it is. I removed unbound from my desktop pc as it's not needed. Maybe unbound-anchor should add this line to unbound.conf automatically or at least check/warn the user if it is incorrect. Thanks all for the help. Marcel _______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
