All,

On 11/29/21 09:34, Josealf.rm via stunnel-users wrote:
> Hola Jose,
>
> Private key should be readable just for the user running stunnel. Try
>
> chmod 600 /etc/ssl/private.key

I would also:

$ chown root:root /etc/ssl/private.key

There's no reason for the "www-data" group to own that file.

-chris

>> On 29/11/2021, at 9:13 AM, jose isaias cabrera <jicman@gmail.com> wrote:
>>
>> 
>>
>> Greetings!
>>
>> I have duckduckgo'ed and I have not found an answer, but what should be the permissions for the private key since the stunnel is giving me a warning/error regarding that:
>> ...
>> [ ] Loading private key from file: /etc/ssl/private.key
>> [:] Insecure file permissions on /etc/ssl/private.key
>> [ ] Private key loaded from file: /etc/ssl/private.key
>> ...
>>
>> this is that I have set:
>> jic@web:~$ ls -l  /etc/ssl/private.key
>> -rw-r--r-- 1 root www-data 1702 Oct 13 02:54 /etc/ssl/private.key
>>
>> the www-data is the user that runs the website.  All is running well, apparently, but, I would like to set the correct permission on the private.key file. Thanks for your support.
>>
>> josé
>>
>> --
>>
>> What if eternity is real?  Where will you spend it?  Hmmmm...
>> _______________________________________________
>> stunnel-users mailing list -- stunnel-users@stunnel.org
>> To unsubscribe send an email to stunnel-users-leave@stunnel.org
>
> _______________________________________________
> stunnel-users mailing list -- stunnel-users@stunnel.org
> To unsubscribe send an email to stunnel-users-leave@stunnel.org
>
_______________________________________________
stunnel-users mailing list -- stunnel-users@stunnel.org
To unsubscribe send an email to stunnel-users-leave@stunnel.org