error: SSL handshake failed
-
unbound-control -c /var/unbound/unbound.conf status
results in -->error: SSL handshake failed
34391444536:error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed:/build/ce-crossbuild-244/pfSense/tmp/FreeBSD-src/crypto/openssl/ssl/s3_clnt.c:1269:not able to fix it myself / head against the tree ;)
in unbound.conf uncommented the following:
/usr/local/etc/unbound/unbound.conf#unbound server key file.
server-key-file: "/usr/local/etc/unbound/unbound_server.key"# unbound server certificate file. server-cert-file: "/usr/local/etc/unbound/unbound_server.pem" # unbound-control key file. control-key-file: "/usr/local/etc/unbound/unbound_control.key" # unbound-control certificate file. control-cert-file: "/usr/local/etc/unbound/unbound_control.pem"
after that reload and restart ... same error
DNS Forwarder enabled
DNSSEC disabled
NICs LAN and localhost
no Custom Options setAny Ideas ...
after deleting these in
/var/unbounddnsbl_cert.pem
unbound_control.key
unbound_control.pem
unbound_server.key
unbound_server.pemand restartet the box (baby)
no error ! :)
after activating pfB & DNSBL
grep 'DNSBL update' /var/log/pfblockerng/pfblockerng.log | tail -1
DNSBL update [ 183054 | PASSED ]... completed
I hope i fixed this !
sometimes puttin your headphones on helps !
"cat stevens and chris & chris cornell "best regards in advanced !
on 2.4.4-RELEASE-p1
nP -
This worked for me too. Thanks for sharing your solution!
-
Worked for me too, thanks.
pfsense 2.4.5-RELEASE-p1. -
The file
/usr/local/etc/unbound/unbound.conf
isn't used by any process neither unbound. It's there for historical show-case reasons - and eating some disk space.
Changing that file, or even deleting it won't make any difference.@calin said in error: SSL handshake failed:
Worked for me too, thanks.
so, what worked for you ?
Btw : I guess this is/was also valid for 2.4.4-p1 - many years ago.