Unbound ssl error



  • When I execute this status command: "unbound-control -c /var/unbound/unbound.conf status" I get this as an output:

    
    error: SSL handshake failed
    34386131464:error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed:/builder/pfsense-232/tmp/FreeBSD-src/secure/lib/libssl/../../../crypto/openssl/ssl/s3_clnt.c:1191:
    Execute Shell Command
    
    

    I found this error when PfBlockerNG dnsbl wasn't working. Dns still resolves, so besides this, my internet is working correctly.

    Somebody else was having the same error and reboot fixed it, but that didn't resove it for me. I'm on latest version of pfsense and I have dns forwarder disabled, ask me if I need to provide more info. Does anybody know what I can do about it?



  • I found what was wrong. A PfBlockerNG config entry was in the unbound advanced config box that was from a old dnsbl setting. I had PfBlockerNG turned off for some time. maybe location of config files changed in PfBlockerNG. I removed the setting and disabled and re-enabled dnsbl in PfBlockerNG and now everything works well!