[Letsencrypt-devel] Bug#859209: certbot: pem files should belong to group ssl-cert
Xavier Bestel
xav at awak.mobi
Fri Mar 31 15:39:07 UTC 2017
Package: certbot
Version: 0.10.2-1
Severity: normal
Hi,
Files generated by certbot (*.pem) aren't by default readable by applications - e.g. if I want to make cyrus use letsencrypt I can't.
I have to manually chgrp -R ssl-cert /etc/letsencrypt (and addgroup cyrus ssl-cert) but the former will be lost at the next certbot update.
Would it be possible to make the whole directory root.ssl-cert ?
Regards,
Xav
-- System Information:
Debian Release: 9.0
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 4.9.0-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages certbot depends on:
ii init-system-helpers 1.47
ii python-certbot 0.10.2-1
pn python:any <none>
certbot recommends no packages.
Versions of packages certbot suggests:
ii python-certbot-apache 0.10.2-1
pn python-certbot-doc <none>
-- no debconf information
More information about the Letsencrypt-devel
mailing list