Maintained by: NLnet Labs

[Unbound-users] 2 config files?!

Gabriel Petrescu
Mon May 18 10:08:20 CEST 2009

At this momment:

for ubuntu you can install from source or to use the package available in
if you the 804 repositories (as default) or default repository list in 804
no unbound..

on a new fresh vm i changed the repository list (if you need it tell me) and
installed the unbound.

install, 2 config files, the default cnfig file is:
edit this file, enabled:

    interface: ::0
        access-control: allow
    access-control: ::1 allow
        verbosity: 1

statistics-interval: 0
        extended-statistics: yes

        # set to yes if graphing tool needs it
        statistics-cumulative: no

        control-enable: yes

than run:
apt-get install openssl

root at unbound5:~# unbound-control-setup
setup in directory /etc/unbound
generating unbound_server.key
Generating RSA private key, 1024 bit long modulus
e is 65537 (0x10001)
generating unbound_control.key
Generating RSA private key, 1024 bit long modulus
e is 65537 (0x10001)
create unbound_server.pem (self signed certificate)
create unbound_control.pem (signed client certificate)
Signature ok
Getting CA Private Key
Setup success. Certificates created. Enable in unbound.conf file to use
root at unbound5:~# unbound-control stats
error: Error setting up SSL_CTX client key and cert
28440:error:02001002:system library:fopen:No such file or
28440:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:354:
28440:error:140AD002:SSL routines:SSL_CTX_use_certificate_file:system

 so here I am... the same situation as in installation from sources..:(

locate unbound_control.pem

than i created a sym link:

 ln -s /var/lib/unbound/etc/unbound/unbound_control.pem
ln: creating symbolic link `/etc/unbound/unbound_control.pem': File exists
root at unbound5:~# unbound-control stats
error: Error setting up SSL_CTX client key and cert
28444:error:02001002:system library:fopen:No such file or
28444:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:354:
28444:error:140AD002:SSL routines:SSL_CTX_use_certificate_file:system

at this momment i have no ideea what to do...


On Mon, May 18, 2009 at 10:52 AM, Jelte Jansen <jelte at> wrote:

> It appears the ubuntu package does indeed install two configuration files.
> We might need to ask the package maintainer why this is done (we only
> provide the source code)
>  i will try to make it work and generate statistics.. I hope it will work
>> unbound it's a bit confusing... i am trying to make also a tutorial / rule
>> how to install it on ubuntu for production servers, but at this momment:
>> - from sources it generates errors;
> this should not happen, on my ubuntu system it compiles cleanly, but maybe
> we can help you with this; could you please provide some details?
>  - from packages, we should use not standard repositories; i hope this will
>> work..
> I don't understand this sentence; do you mean because unbound hasn't been
> packaged for older versions of Ubuntu than Intrepid?
> Regards,
> Jelte
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>