TLS certificate question about Unbound 1.9.2

Wouter Wijngaards wouter at
Thu Apr 4 07:04:46 UTC 2019


So this config file is fine, the tls-cert-bundle should work find with a
version of unbound that supports the options (eg. 1.9.2).  Like, for me,
it works.  I guess you downgraded and are now using an older version
that does not support the tls-cert-bundle option, so the unknown keyword
error is accurate?

Best regards, Wouter

On 4/3/19 7:52 PM, rollingonchrome via Unbound-users wrote:
> Hello,
> Thank you for the replies. I believe I have the tls-cert-bundle
> information correctly indented now. But, I am still getting the same
> errors as before about unknown keywords and strays.
> It is indented like this:
> server:
>       [a few lines omitted]
>      #Added for DoT
>      tls-cert-bundle: "/etc/ssl/certs/ca-certificates.crt"
> Here is a link to my actual conf file if anyone would be willing to take
> a look: 
> I've read that OpenSSL on Jessie doesn't support any TLS except 1.2, so
> I'm wondering if that might be this issue. Not sure what version of TLS
> Unbound 1.9.1 uses (I downgraded).
> Thank you for your help.
> Best,
> RoC

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the Unbound-users mailing list