Sync via ssh fails when ssl is active

Johan johan at oxyl.net
Wed Jan 26 09:53:26 UTC 2022


I have set privileges to 755 for letsencrypt/live and 
letsencrypt/archive and sync now seems to function properly.

BUT, I shouldn't have to change privileges as it's a serious SECURITY 
issue. My *private* keys become visible to any user in the system. 
Dovecot obviously can access the cert when it comes to imap/ssl, then 
why does sync between dovecot servers require extended privileges to the 
same certs the server is already using?

/Johan Pålsson


On 2022-01-25 at 14:35, Christian Mack wrote:
> Hello
> 
> On 20.01.22 at 16:32, Johan wrote:
>>
>> Jan 20 16:13:09 doveadm: Error: doveconf: Fatal: Error in configuration
>> file /etc/dovecot/conf.d/10-ssl.conf line 16: ssl_cert: Can't open file
>> /etc/letsencrypt/live/delta.oxyl.net/fullchain.pem: Permission denied
> 
> Check permission on /etc/letsencrypt/live/delta.oxyl.net/fullchain.pem
> 
> 
> Kind regards,
> Christian Mack
> 
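
Added example, not part of the original thread: a small shell audit for the situation discussed above. It reports which directory on a certificate path (and on the path its symlink resolves to) cannot be searched by "other" users, and lists private key files that are readable by "other" once directories are opened up. The function names are hypothetical, and the script assumes GNU or BSD `stat`, `readlink -f`, and key files named `privkey*.pem`.

```shell
#!/bin/sh
# Added example, not from the thread. Audits who can reach a certificate path.

# other_digit PATH -> the "other" permission digit (0-7) of PATH
other_digit() {
    m=$(stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1") || return 1
    echo "${m#"${m%?}"}"          # keep only the last octal digit
}

# first_blocked FILE [TOP] -> topmost directory between TOP (default /) and
# FILE that "other" users cannot search; prints nothing if all are open.
first_blocked() {
    top=${2:-/}
    dir=$(dirname "$1")
    blocked=""
    while :; do
        o=$(other_digit "$dir") || return 2
        [ $(( o & 1 )) -eq 0 ] && blocked=$dir    # no x bit for "other"
        [ "$dir" = "$top" ] || [ "$dir" = "/" ] || [ "$dir" = "." ] && break
        dir=$(dirname "$dir")
    done
    [ -z "$blocked" ] || echo "$blocked"
}

# exposed_keys DIR -> private key files under DIR readable by "other"
# (assumes the privkey*.pem naming; adjust the pattern for other layouts)
exposed_keys() {
    find "$1" -type f -name 'privkey*.pem' -perm -004
}

# audit_cert FILE [TOP] -> blocked directories for the path as named and,
# since files under letsencrypt/live are symlinks, for the resolved path too.
audit_cert() {
    {
        first_blocked "$1" "$2"
        first_blocked "$(readlink -f "$1")" "$2"
    } | sort -u
}

# Stand-alone use: sh audit.sh /etc/letsencrypt/live/delta.oxyl.net/fullchain.pem
if [ $# -gt 0 ]; then
    audit_cert "$1"
    exposed_keys "$(dirname "$(readlink -f "$1")")"
fi
```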

