Broken trust chain resolving 'mail.yahoo.co.jp/A/IN'

Hello. Anyone got any ideas/pointers to explain this?

I have been running a forwarding-only nameserver (BIND 9.16.21) with my Fedora 34 installation, pointing to 1.1.1.3 / 1.0.0.3. All has been working well for some time, until I tried to resolve yahoo.co.jp (or mail.yahoo.co.jp or www.yahoo.co.jp) and get something like:

named[34345]: broken trust chain resolving ‘www.yahoo.co.jp/A/IN’: 1.1.1.3#53

I can get around this by either:
using “forward first” configuration, or
using another DNS provider

Thanks

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.