aboutsummaryrefslogtreecommitdiff
path: root/contrib/unbound/doc/unbound-anchor.8
diff options
context:
space:
mode:
Diffstat (limited to 'contrib/unbound/doc/unbound-anchor.8')
-rw-r--r--contrib/unbound/doc/unbound-anchor.814
1 files changed, 7 insertions, 7 deletions
diff --git a/contrib/unbound/doc/unbound-anchor.8 b/contrib/unbound/doc/unbound-anchor.8
index 268640d8155c..23c1dd4b060f 100644
--- a/contrib/unbound/doc/unbound-anchor.8
+++ b/contrib/unbound/doc/unbound-anchor.8
@@ -1,4 +1,4 @@
-.TH "unbound-anchor" "8" "Feb 10, 2022" "NLnet Labs" "unbound 1.15.0"
+.TH "unbound-anchor" "8" "Jul 16, 2025" "NLnet Labs" "unbound 1.23.1"
.\"
.\" unbound-anchor.8 -- unbound anchor maintenance utility manual
.\"
@@ -26,13 +26,13 @@ Suggested usage:
.nf
# in the init scripts.
# provide or update the root anchor (if necessary)
- unbound-anchor \-a "@UNBOUND_ROOTKEY_FILE@"
+ unbound-anchor \-a "/var/unbound/root.key"
# Please note usage of this root anchor is at your own risk
# and under the terms of our LICENSE (see source).
#
# start validating resolver
# the unbound.conf contains:
- # auto-trust-anchor-file: "@UNBOUND_ROOTKEY_FILE@"
+ # auto-trust-anchor-file: "/var/unbound/root.key"
unbound \-c unbound.conf
.fi
.P
@@ -53,12 +53,12 @@ The available options are:
.TP
.B \-a \fIfile
The root anchor key file, that is read in and written out.
-Default is @UNBOUND_ROOTKEY_FILE@.
+Default is /var/unbound/root.key.
If the file does not exist, or is empty, a builtin root key is written to it.
.TP
.B \-c \fIfile
The root update certificate file, that is read in.
-Default is @UNBOUND_ROOTCERT_FILE@.
+Default is /var/unbound/icannbundle.pem.
If the file does not exist, or is empty, a builtin certificate is used.
.TP
.B \-l
@@ -169,11 +169,11 @@ The build\-in configuration can be overridden by providing a root\-cert
file and a rootkey file.
.SH "FILES"
.TP
-.I @UNBOUND_ROOTKEY_FILE@
+.I /var/unbound/root.key
The root anchor file, updated with 5011 tracking, and read and written to.
The file is created if it does not exist.
.TP
-.I @UNBOUND_ROOTCERT_FILE@
+.I /var/unbound/icannbundle.pem
The trusted self\-signed certificate that is used to verify the downloaded
DNSSEC root trust anchor. You can update it by fetching it from
https://data.iana.org/root\-anchors/icannbundle.pem (and validate it).
generated by cgit v1.2.3 (git 2.25.1) at 2025-09-15 14:00:18 +0000