From 455e9d6e86de1ce38eecce0c9090f6ca5f756987 Mon Sep 17 00:00:00 2001
From: Franco Fichtner <franco@opnsense.org>
Date: Fri, 3 Nov 2023 13:34:24 +0100
Subject: [PATCH] unbound: use tls-system-cert

According to the documentation that should work since 23.7.7.
---
 src/opnsense/service/templates/OPNsense/Unbound/core/dot.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/opnsense/service/templates/OPNsense/Unbound/core/dot.conf b/src/opnsense/service/templates/OPNsense/Unbound/core/dot.conf
index f5cbd3265..98d71d074 100644
--- a/src/opnsense/service/templates/OPNsense/Unbound/core/dot.conf
+++ b/src/opnsense/service/templates/OPNsense/Unbound/core/dot.conf
@@ -37,7 +37,7 @@ forward-zone:
 {%   if all_dots|length > 0 %}
 # Forward zones over TLS
 server:
-  tls-cert-bundle: /etc/ssl/cert.pem
+  tls-system-cert: yes
 {%     for domain, dots in all_dots|groupby("domain", default=".") %}
 
 forward-zone: