On 2018-05-04, Simon Deziel via Unbound-users <[email protected]> wrote: > On 2018-05-04 04:41 PM, Marc Branchaud wrote: >> On 2018-05-04 04:21 PM, Simon Deziel via Unbound-users wrote: >>> Hi Marc, >>> >>> On 2018-05-04 04:12 PM, Marc Branchaud via Unbound-users wrote: >>>> So I'd like to request that: (a) unbound-control avoids using TLS when >>>> communicating over a local socket
(sorry for the late reply), I'd quite like that too... >>> You can use "control-use-cert: no" in the remote-control section. >> >> (Sorry for the duplicate, Simon -- replying to the list this time.) >> >> Thanks, I'd neglected to mention my remote config. I do have that >> already set to no: >> >> remote-control: >> control-enable: yes >> control-use-cert: no > > I just tested "control-use-cert: no" locally. `unbound-control status` > says "options: control(ssl)" but strace'ing the process shows no access > to the control cert/key. Toggling it to yes shows it in strace. So it > seems to work here despite having misleading status output. It doesn't use a cert, but it does use SSL.
