Browse Source

Enable DNSSEC validation in unbound by default

OK deraadt@ otto@
OPENBSD_6_7
job 5 years ago
parent
commit
3cf6b014d3
1 changed files with 3 additions and 3 deletions
  1. +3
    -3
      src/etc/unbound.conf

+ 3
- 3
src/etc/unbound.conf View File

@ -1,4 +1,4 @@
# $OpenBSD: unbound.conf,v 1.17 2019/08/25 15:50:21 ajacoutot Exp $
# $OpenBSD: unbound.conf,v 1.18 2019/11/07 12:49:45 job Exp $
server: server:
interface: 127.0.0.1 interface: 127.0.0.1
@ -19,9 +19,9 @@ server:
hide-identity: yes hide-identity: yes
hide-version: yes hide-version: yes
# Uncomment to enable DNSSEC validation.
# Perform DNSSEC validation. Comment out the below option to disable.
# #
#auto-trust-anchor-file: "/var/unbound/db/root.key"
auto-trust-anchor-file: "/var/unbound/db/root.key"
#val-log-level: 2 #val-log-level: 2
# Uncomment to synthesize NXDOMAINs from DNSSEC NSEC chains # Uncomment to synthesize NXDOMAINs from DNSSEC NSEC chains


Loading…
Cancel
Save