23 Jan
2025
23 Jan
'25
8:44 a.m.
Robert Nowotny via dovecot skrev den 2025-01-22 20:16:
Hey Marco, this is what to do:
dovecot starts as root, and drops priveleges later, so group it non rooted is a security problem on its own :)
certbot creates letencrypt pem files owned by root and grouped root, only the private key cant be readed by other users then root
dont make it more complicated
ssl_cert = </etc/letsencrypt/live/example.com/fullchain.pem
ls -lr /etc/letsencrypt/live/