tls le { cert-file "/etc/letsencrypt/live/$BASE_URL/fullchain.pem"; key-file "/etc/letsencrypt/live/$BASE_URL/privkey.pem"; }; options { directory "/var/cache/bind"; recursion yes; allow-recursion { any; }; listen-on { any; }; listen-on-v6 { any; }; listen-on tls le { any; }; listen-on-v6 tls le { any; }; //listen-on tls le http default { any; }; //listen-on-v6 tls le http default { any; }; dnssec-validation auto; };