summaryrefslogtreecommitdiff
path: root/conf/plugins/unbound.opt
diff options
context:
space:
mode:
Diffstat (limited to 'conf/plugins/unbound.opt')
-rw-r--r--conf/plugins/unbound.opt17
1 files changed, 17 insertions, 0 deletions
diff --git a/conf/plugins/unbound.opt b/conf/plugins/unbound.opt
new file mode 100644
index 000000000..f8ca9ca12
--- /dev/null
+++ b/conf/plugins/unbound.opt
@@ -0,0 +1,17 @@
+charon.plugins.unbound.resolv_conf = /etc/resolv.conf
+ File to read DNS resolver configuration from.
+
+charon.plugins.unbound.trust_anchors = /etc/ipsec.d/dnssec.keys
+ File to read DNSSEC trust anchors from (usually root zone KSK).
+
+ File to read DNSSEC trust anchors from (usually root zone KSK). The format
+ of the file is the standard DNS Zone file format, anchors can be stored as
+ DS or DNSKEY entries in the file.
+
+charon.plugins.unbound.dlv_anchors =
+ File to read trusted keys for DLV (DNSSEC Lookaside Validation) from.
+
+ File to read trusted keys for DLV (DNSSEC Lookaside Validation) from. It
+ uses the same format as _trust_anchors_. Only one DLV can be configured,
+ which is then used as a root trusted DLV, this means that it is a lookaside
+ for the root.
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-02 17:52:30 +0000