Maintained by: NLnet Labs

What format does ub_ctx_add_ta expect?

Riccardo Spagni
Sat Jan 16 21:05:31 CET 2016

Hi all,

   We've been using ub_ctx_add_ta() in libunbound to manually include the
root trust anchor in Monero (because there's no standard for storing the
root trust anchor, and Windows users almost definitely won't have one).
This worked for ages, but as of a few months ago the following error occurs:

[1452966957] libunbound[15265:0] info: warning: unsupported algorithm for
trust anchor . DNSKEY IN
[1452966957] libunbound[15265:0] warning: trust anchor . has no supported
algorithms, the anchor is ignored (check if you need to upgrade unbound and

   We figured it would resolve itself with some future version of
libunbound, but as of 1.5.8 (git head) from a few weeks ago it is still not

   This is the hard-coded anchor:

   And this is the snippet where we add the anchor using ub_ctx_add_ta():

   Any suggestions? Is it expecting a different format for that anchor?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>