RPZ: is this config correct?
george at nlnetlabs.nl
Tue May 11 10:16:02 UTC 2021
On 11/05/2021 09:56, A. Schulze via Unbound-users wrote:
> Am 10.05.21 um 23:30 schrieb A. Schulze via Unbound-users:
>> Am 01.05.21 um 12:46 schrieb A. Schulze via Unbound-users:
>>> HTTP works, HTTPS don't.
>> Hello George,
>> is there anything I could test/check/do to help?
I am afraid not. I am currently preoccupied with another bug but will
get to this right after, will let you know.
> I now setup
> * a webserver that
> - fetch https://urlhaus.abuse.ch/downloads/rpz/ hourly
> - serve that file by http
> * an unbound instance
> - configured to use the rpz from the http location
> Turns out: the zonefile written by unbound, *has* current data
> ... as expected ...
> so only fetch by https is broken somehow.
Thanks again for clarifying that!
I'll try to replicate with the systems you shared (Debian Bullseye and
Debian Buster) and go from there.
More information about the Unbound-users