Hi Michael, > 1) unbound-anchor -a /var/unbound/root.key > 2) fetch ftp://ftp.internic.net/domain/named.cache and save the file > as root.hints 3) fetch http://ftp.isc.org/www/dlv/dlv.isc.org.key and > setup the configuration in your unbound.conf dlv-anchor-file: > "/var/unbound/dlv.isc.org.key"
I had steps 1&2 already done, but not #3. I also have root.hints being fetched periodically by cron job and I added the dlv key file to that script. No need to do that for the anchor file since "AUTO-trust-anchor-file" (rather than trust-anchor-file) instructs unbound to run "unbound-anchor" each time. dnscrypt-proxy definitely NOT working with DNSSEC though. Works if DNSSEC is not enabled in unbound. Thanks for the help & regards. -- FreeBSD_amd64_11-Current_RadeonKMS _______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
