Date: Sat, 07 Oct 2023 19:01:11 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 274339] dns/unbound: needs tls-cert-bundle for DoH after ca_root_nss changes Message-ID: <bug-274339-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D274339 Bug ID: 274339 Summary: dns/unbound: needs tls-cert-bundle for DoH after ca_root_nss changes Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: ports-bugs@FreeBSD.org Reporter: throwaway_vthgwq4@protonmail.com CC: jaap@NLnetLabs.nl Flags: maintainer-feedback?(jaap@NLnetLabs.nl) CC: jaap@NLnetLabs.nl One needs tls-cert-bundle: /usr/local/share/certs/ca-root-nss.crt now in a config file for strict DoH (below) to work: forward-zone: name: "." forward-first: no # if forwarding fails, break forward-tls-upstream: yes otherwise the following would happen: [...] Oct 7 18:48:47 unbound[85500]: [85500:0] error: ssl handshake failed crypto error:16000069:ST ORE routines::unregistered scheme Oct 7 18:48:47 unbound[85500]: [85500:0] error: and additionally crypto error:80000002:system library::No such file or directory [...] --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-274339-7788>