Maintained by: NLnet Labs

Getting error messages, DNSSEC appears to be working nevertheless

Beeblebrox
Mon Jul 24 09:04:36 CEST 2017


Hello. I have Unbound running in a FreeBSD Jail, with all required files placed in /var/unbound. /etc/rc.conf starts unbound with:

unbound_enable="YES"
unbound_flags="-c /var/unbound/unbound.conf"
unbound_anchorflags="-a '/var/unbound/root.key' -C /var/unbound/unbound.conf -r '/var/unbound/root.hints'"

DNSSEC is morking since "drill -D 00f.net" gives correct result.
However, unbound.log shows below message, and I'm wondering if it could cause future problems:

libunbound[74640:0] notice: init module 0: validator
libunbound[74640:0] error: trust anchor presented twice
libunbound[74640:0] error: could not parse auto-trust-anchor-file /var/unbound/root.key line 2
libunbound[74640:0] error: error reading auto-trust-anchor-file: /var/unbound/root.key
libunbound[74640:0] error: validator: error in trustanchors config
libunbound[74640:0] error: validator: could not apply configuration settings.
libunbound[74640:0] error: module init for module validator failed
unbound[75230:0] notice: init module 0: validator
unbound[75230:0] notice: init module 1: iterator
unbound[75230:0] info: start of service (unbound 1.6.2).

Regards.

-- 
HardenedBSD_amd64_12-Current_RadeonKMS
Please CC my email when responding, mail from list is not delivered.