"External" certificate #4216

Eirikr70 · 2024-05-05T16:35:11Z

Eirikr70
May 5, 2024

Hello,
I am setting up an ejabberd server with docker. I get my certificate through my reverse-proxy (linuxserver/swag) on another host. I make it available through an nfs share to the ejabberd host and mount it as a volume in the container. But I have a problem of permission since the private key should be read by ejabberd user, and is readable only by root. I then get

[error] Failed to read PEM file /letsencrypt/privkey1.pem: permission denied
[critical] ejabberd initialization was aborted due to invalid certificates configuration

Should I make it publicly readable (which seems to introduce a vulnerability) ?
Thanks, Eric

Eirikr70 · 2024-05-05T16:56:36Z

Eirikr70
May 5, 2024
Author

Additionally, even if I make it publicly readable, it is considered signed by unknown CA although signed by Letsencrypt.

0 replies

Eirikr70 · 2024-05-05T17:28:24Z

Eirikr70
May 5, 2024
Author

I have deactivated acme challenge and it seems to be working. Sorry for disturbing.

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

"External" certificate #4216

{{title}}

Replies: 2 comments

{{title}}

{{title}}

Select a reply

"External" certificate #4216

Eirikr70 May 5, 2024

Replies: 2 comments

Eirikr70 May 5, 2024 Author

Eirikr70 May 5, 2024 Author

Eirikr70
May 5, 2024

Eirikr70
May 5, 2024
Author

Eirikr70
May 5, 2024
Author