Permissions on certificate bundles

Started by Stilez, August 26, 2020, 02:04:45 AM

Previous topic - Next topic
The docs just state to set "some sane permissions" on certificate bundles for the internal web server.  Hardly specific.


What permissions are minimally recommended for the internal web server?


Would similar permissions be appropriate for other certs like SSH?


Thanks for answers, and if someone could update the docs with that info it could help others too :)

400 if the Webserver owns the file or
640 if the file is owned by root and the Webserver gets access by a specific group

Higher up in the doc it already mentions 400, probably an oversight it doesn't say so at the bottom.


Cheers,
Franco