Date: Mon, 18 Aug 2025 14:35:20 GMT From: Dag-Erling =?utf-8?Q?Sm=C3=B8rgrav?= <des@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: e687f38a36ce - main - local-unbound-setup: If TLS is enabled, use the certificate bundle Message-ID: <202508181435.57IEZKL4065210@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by des: URL: https://cgit.FreeBSD.org/src/commit/?id=e687f38a36ceb681ff7fe0668050f95828f73831 commit e687f38a36ceb681ff7fe0668050f95828f73831 Author: Dag-Erling Smørgrav <des@FreeBSD.org> AuthorDate: 2025-08-18 14:31:42 +0000 Commit: Dag-Erling Smørgrav <des@FreeBSD.org> CommitDate: 2025-08-18 14:31:42 +0000 local-unbound-setup: If TLS is enabled, use the certificate bundle Now that certctl(8) always produces a bundle, use it in preference to the hashed directory, since the latter cannot be preloaded before chrooting. --- usr.sbin/unbound/setup/local-unbound-setup.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/usr.sbin/unbound/setup/local-unbound-setup.sh b/usr.sbin/unbound/setup/local-unbound-setup.sh index d52534b46fa3..d57d74952fc7 100755 --- a/usr.sbin/unbound/setup/local-unbound-setup.sh +++ b/usr.sbin/unbound/setup/local-unbound-setup.sh @@ -259,7 +259,7 @@ gen_unbound_conf() { echo " pidfile: ${pidfile}" echo " auto-trust-anchor-file: ${anchor}" if [ "${use_tls}" = "yes" ] ; then - echo " tls-system-cert: yes" + echo " tls-cert-bundle: /etc/ssl/cert.pem" fi echo "" if [ -f "${forward_conf}" ] ; then
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202508181435.57IEZKL4065210>