i'm looking for a solution to import the trust anchor of a local domain (e.g. "domain.local") created by a DNSSEC-activated Windows DNS-Server into unbound. I already switched from a forwarding-zone (disabled it in web-interface) to a stub-zone for the local-domain by creating the config manually.
Code: Select all
server: domain-insecure: "domain.local" stub-zone: name: "domain.local" stub-addr: 192.168.5.31 stub-addr: 192.168.5.21 stub-prime: yes
https://nlnetlabs.nl/documentation/unbo ... to-anchor/
https://nlnetlabs.nl/documentation/unbo ... nd-anchor/
It seems that unbound-anchor tool is only for importing the root trust-anchor. Or do i miss something and it is possible to add custom trust-anchors?