Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Unbound - corrupt root.key

    Scheduled Pinned Locked Moved DHCP and DNS
    4 Posts 3 Posters 930 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • 5
      5055
      last edited by

      why is everything flagged as spam?

      5 1 Reply Last reply Reply Quote 0
      • 5
        5055 @5055
        last edited by

        Hello,

        Sorry about the first message. I was trying to see if I could post something WITHOUT it being flagged as spam...

        I have a strange issue with Unbound. Every time it restarts, I see the following in the logs: /status_services.php: Unbound /var/unbound/root.key file is corrupt, removing and recreating.

        I've tried recreating the key using the following commands:

        rm /var/unbound/root.key
        unbound-anchor -4 -a /var/unbound/root.key
        chown unbound /var/unbound/root.key

        I get no errors. But if I restart Unbound, I still see: /status_services.php: Unbound /var/unbound/root.key file is corrupt, removing and recreating. in the logs...

        Also, it takes about a minute to restart. No clue if these two issues are related. But any help anyone could provide would be much appreciated.

        DNS resolution works just fine despite these issues. I'm at a loss.

        Cheers

        M 1 Reply Last reply Reply Quote 0
        • M
          mUnChiE @5055
          last edited by

          @5055 I have same issue. Did you fix this?

          GertjanG 1 Reply Last reply Reply Quote 0
          • GertjanG
            Gertjan @mUnChiE
            last edited by

            @munchie
            The OP was using earlier pfSense version.
            What is your version ?
            What does your /var/unbound/root.key contain ?

            During boot, look at the the console, any non normal messages ?

            Btw : this root.key is the DNSSEC root key. It can change upstream, that that would be extremely rare.
            It is updated regularly, and the time stamps in the file reflect this.
            pfSense should use the exact time. This is mandatory, for DNSSEC to work.

            No "help me" PM's please. Use the forum, the community will thank you.
            Edit : and where are the logs ??

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.