Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Cannot access Unbound Remote Control

    Scheduled Pinned Locked Moved DHCP and DNS
    2 Posts 2 Posters 2.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      douglasg14b
      last edited by douglasg14b

      I'm trying to pull stats from Unbound, but am unable to access it's remote control, I receive the following error with the command "/usr/local/sbin/unbound-control -s 127.0.0.1:953 stats_noreset":

      unbound-control[3529:0] warning: control-enable is 'no' in the config file.
      error: Error setting up SSL_CTX client key and cert
      34391425992:error:02001002:system library:fopen:No such file or directory:/builder/ce-243/tmp/FreeBSD-src/crypto/openssl/crypto/bio/bss_file.c:406:fopen('/usr/local/etc/unbound/unbound_control.pem','r')
      
      

      I have the following in the config (/var/unbound/unbound.conf which includes /var/unbound/remoteaccess.conf):

      remote-control:
              control-enable: yes
              control-interface: 127.0.0.1
              control-port: 953
              server-key-file: "/var/unbound/unbound_server.key"                                        
              server-cert-file: "/var/unbound/unbound_server.pem"                                       
              control-key-file: "/var/unbound/unbound_control.key"                                      
              control-cert-file: "/var/unbound/unbound_control.pem"
      

      Control is definitely enabled, why am I getting that error? Unbound seems to be trying to reference the cert that is mentioned in the /usr/local/sbin/unbound/unbound.conf file (which is entire commented out), not the one in the config file that pfsense seems to have it using.

      Is Unbound using a different config from somewhere else? Is there a different unbound-control I should be using? How can I resolve this?

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        You need to pass it the full path to the config file.

        $ unbound-control -c /var/unbound/unbound.conf stats_noreset
        

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.