Date: Wed, 15 Feb 2023 08:45:39 GMT From: Tijl Coosemans <tijl@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: git: d6ab6f93ef94 - releng/13.2 - local-unbound-setup: Use default root certificates Message-ID: <202302150845.31F8jdb0017277@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch releng/13.2 has been updated by tijl: URL: https://cgit.FreeBSD.org/src/commit/?id=d6ab6f93ef94784426083516a857eb9f2441414f commit d6ab6f93ef94784426083516a857eb9f2441414f Author: Tijl Coosemans <tijl@FreeBSD.org> AuthorDate: 2023-01-19 17:13:35 +0000 Commit: Tijl Coosemans <tijl@FreeBSD.org> CommitDate: 2023-02-15 08:42:04 +0000 local-unbound-setup: Use default root certificates Don't force /etc/ssl/cert.pem. It does not exist by default, only if security/ca_root_nss is installed. Just use the default OpenSSL search locations which are /etc/ssl/cert.pem and /etc/ssl/certs/. The tls-system-cert option was added in Unbound 1.16.0. Reviewed by: zlei Approved by: re (cperciva) Differential Revision: https://reviews.freebsd.org/D38243 (cherry picked from commit 8932f7ce1783a10e9ba79c61d54077aa7693552e) (cherry picked from commit 412d15f7268e0662909822b1aef71536a2b285e5) --- usr.sbin/unbound/setup/local-unbound-setup.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/usr.sbin/unbound/setup/local-unbound-setup.sh b/usr.sbin/unbound/setup/local-unbound-setup.sh index 3be78339b0ba..dc0768a672a6 100755 --- a/usr.sbin/unbound/setup/local-unbound-setup.sh +++ b/usr.sbin/unbound/setup/local-unbound-setup.sh @@ -260,7 +260,7 @@ gen_unbound_conf() { echo " pidfile: ${pidfile}" echo " auto-trust-anchor-file: ${anchor}" if [ "${use_tls}" = "yes" ] ; then - echo " tls-cert-bundle: /etc/ssl/cert.pem" + echo " tls-system-cert: yes" fi echo "" if [ -f "${forward_conf}" ] ; then
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202302150845.31F8jdb0017277>