Unbound Fatal Error: server-cert-file pem does not exist

kiokoman

i'm not using unbound but i want to start it for help some guys here on the forum and i had this error
fatal error: server-cert-file: "/var/unbound/test/unbound_server.pem" does not exist
this is pfsense 2.4.4p3

i'm pretty sure this is because of all the tampering i have done to help others and to test it

what i found out is that a php function create a /var/unbound/test folder with all the needed files to check if the generated config is ok except it does not copy *.pem inside it
a reinstall is probably the best solution but this is the step i've made to solve the problem:
from console edit /etc/inc/unbound.inc
at line 111
function test_unbound_config($unboundcfg, &$output) {
...
rmdir_recursive($cfgdir);
...
if ($rv == 0) {
rmdir_recursive($cfgdir);
}
...
}
comment out with // rmdir ->
//rmdir_recursive($cfgdir);

save and exit
try to start dns resolver from the gui, it will still say that there is that error
go back to console

cd /var/unbound
cp *.pem test

start the service from the GUI and it should start without any problem
go back to the console and revert what was done inside /etc/inc/unbound.inc > remove // in front of rmdir_recursive($cfgdir);
from now on you can freely start and stop unbound without any problem
i was unable to reproduce what caused this problem though

reference
https://redmine.pfsense.org/issues/8287
https://www.reddit.com/r/PFSENSE/comments/73x9kq/unbound_not_starting_no_dns_resolving_for_network/
https://redmine.pfsense.org/issues/6442

Bent

Thanks, doing this did the trick for me.

Using 2.4.5.a.20191216.1443.