[Letsencrypt-devel] Bug#819107: letsencrypt: Wrong file permissions on private key

David Rohleder davro at ics.muni.cz
Wed Mar 23 20:08:24 UTC 2016

Package: letsencrypt
Version: 0.4.1-1
Severity: normal

Dear Maintainer,

as a part of gitlab package, letsencrypt certificate is installed. I have checked file permissions on private key file
and it is readable by all. Private key should be kept readable just to appropriate applications (web servers, etc.)


David Rohleder

-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.3.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=locale: Cannot set LC_ALL to default locale: No such file or directory
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages letsencrypt depends on:
ii  dialog              1.3-20160209-1
ii  python-letsencrypt  0.4.1-1
pn  python:any          <none>

letsencrypt recommends no packages.

Versions of packages letsencrypt suggests:
pn  python-letsencrypt-apache  <none>
pn  python-letsencrypt-doc     <none>

-- debconf information:

More information about the Letsencrypt-devel mailing list