Re: verification error: empty key record; insecure key
On Thu, 16 Aug 2012, Murray S. Kucherawy wrote:
> I've posted a question to the unbound-users list to see if there's any
> insight into this issue over there. If it's not a bug in their code or
> documentation, then there might be something we're doing wrong with how
> we're calling libunbound that needs fixing.
The reply on the unbound-users list came quickly. Yes indeed, libunbound
will use a hard-coded set of root nameservers to resolve queries unless it
is explicitly told to use what's in /etc/resolv.conf.
In version 2.6.3, a configuration option called ResolvConf was added that
provides this capability. Anyone that wants to tell a libunbound-aware
opendkim to do this will need to make use of that.
As of 2.6.7, tools like opendkim-testkey and opendkim-testadsp don't check
or apply ResolvConf; only opendkim itself does so. I've opened a feature
request (#3558818) to make sure that's added to those tools in the 2.7.0
release.
-MSK
Received on Fri Aug 17 2012 - 07:12:08 PST
This archive was generated by hypermail 2.3.0
: Mon Oct 29 2012 - 23:20:42 PST