This is a follow-up question to my 2nd question. The solution by @mpboden was implemented. In addition, I have added the `auto-trust-anchor-file:` and enabled `remote-control:`, as defined in the Unbound "Setting up for the rest of the network" example.
```
server:
    directory: "/etc/unbound"
    username: "unbound"
    chroot: ""
    verbosity: 1
    logfile: "/etc/unbound/unbound.log"
    pidfile: "/etc/unbound/unbound.pid"
    # location of the trust anchor file that enables DNSSEC
    auto-trust-anchor-file: "/var/lib/unbound/root.key"
    # send minimal amount of information to upstream servers to enhance privacy
    qname-minimisation: yes
    # The port number on which the server responds to queries.
    port: 3000
    # the interface that is used to connect to the network (this will listen to all interfaces)
    interface: 0.0.0.0
    interface: ::0
    # addresses from the IP range that are allowed to connect to the resolver
    access-control: 192.168.1.0/24 allow
    access-control: 2001:DB8::/64 allow

remote-control:
    # allows controlling unbound using "unbound-control"
    control-enable: yes
```
However, I discovered 4 errors and 1 failure message using debug mode. From my troubleshooting efforts, I found that these error and failure messages occurred whenever `control-enable: yes` was allowed.
```
root@DNS:/etc/unbound# unbound -d -vv -c unbound.conf
[1730259092] unbound[6165:0] notice: Start of unbound 1.19.2.
[1730259092] unbound[6165:0] error: Error for server-cert-file: /etc/unbound/unbound_server.pem
[1730259092] unbound[6165:0] error: Error in SSL_CTX use_certificate_chain_file crypto error:80000002:system library::No such file or directory
[1730259092] unbound[6165:0] error: and additionally crypto error:10080002:BIO routines::system lib
[1730259092] unbound[6165:0] error: and additionally crypto error:0A080002:SSL routines::system lib
[1730259092] unbound[6165:0] fatal error: could not set up remote-control
```
I have checked that `/var/lib/unbound/root.key` exists. Unbound still works, but `unbound-control` can't be used. Unbound is looking for `/etc/unbound/unbound_server.pem`, but this file does not exist. How do I resolve this remote-control config issue?
Update:

With @mpboden's answer, I discovered that the command `unbound-control-setup` is meant to create these files in `/etc/unbound`: `unbound_control.pem`, `unbound_server.pem`, `unbound_control.key`, `unbound_server.key`, to allow remote control.
```
root@DNS:/etc/unbound# unbound-control-setup -h
usage: /usr/sbin/unbound-control-setup OPTIONS
OPTIONS
-d <dir>    used directory to store keys and certificates (default: /etc/unbound)
-h          show help notice
-r          recreate certificates
root@DNS:/etc/unbound# unbound-control-setup
setup in directory /etc/unbound
Certificate request self-signature ok
subject=CN = unbound-control
removing artifacts
Setup success. Certificates created. Enable in unbound.conf file to use
root@DNS:/etc/unbound# ls
unbound.conf    unbound.conf.d    unbound.pid           unbound_control.pem    unbound_server.pem
unbound.log     unbound_control.key    unbound_server.key
```
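A small pre-flight check, added here as an example and not part of the question, the answer, or Unbound itself: before (re)starting Unbound with `control-enable: yes`, confirm that the four files `unbound-control-setup` generates are present and non-empty in the configuration directory, so the "could not set up remote-control" fatal error above is caught before the daemon refuses to start. The directory defaults to `/etc/unbound` as in the question; the conf-file check only looks for an uncommented `control-enable: yes` line and assumes the file is not split across `include:` files.

```shell
#!/bin/sh
# Added example, not from the question or the answer.
# Checks the remote-control prerequisites that unbound-control-setup creates.

# Lists each missing or empty key/certificate file in DIR (default /etc/unbound).
# Returns the number of missing files, so 0 means all four are present.
check_remote_control_files() {
    dir="${1:-/etc/unbound}"
    missing=0
    for f in unbound_server.key unbound_server.pem \
             unbound_control.key unbound_control.pem; do
        if [ ! -s "$dir/$f" ]; then
            echo "missing: $dir/$f  (run: unbound-control-setup -d $dir)"
            missing=$((missing + 1))
        fi
    done
    return "$missing"
}

# Returns 0 if CONF has an active (uncommented) "control-enable: yes" line,
# i.e. the certificate files above are actually required at startup.
remote_control_enabled() {
    conf="${1:-/etc/unbound/unbound.conf}"
    grep -Eq '^[[:space:]]*control-enable:[[:space:]]*yes' "$conf"
}

# Stand-alone usage: ./check-rc.sh --check [/etc/unbound]
if [ "${1:-}" = "--check" ]; then
    d="${2:-/etc/unbound}"
    if remote_control_enabled "$d/unbound.conf"; then
        check_remote_control_files "$d" && echo "remote-control files OK in $d"
    else
        echo "control-enable is not set to yes in $d/unbound.conf; nothing to check"
    fi
fi
```

Run it with `--check` after `unbound-control-setup` and before `unbound-checkconf`; a non-zero exit means at least one of the files the daemon will try to load is absent.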
To enable `unbound-control`, you have to run the `unbound-control-setup` command that creates the necessary files. Quoting from the official documentation on how to Set Up Remote Control:

Therefore, run the following command: