Hi one small issue with ssl-certs: they must be readable by the ats-user
httpd reads them at startup before downgrade uid/gid the benefit is that they can have chmod 400 and owned by root in case of a security relevant bug that may prevent leaks _________________________ my personal issue is that we distribute the wildcard-cert to all relevant machines in a own directory which chmod 400 and after the cert expires and is re-newed the admin server can distribute it for now i need to make a ats-readable copy because a hard-link would have the same permissions on both and in case of fire up the distribute script they are reset
signature.asc
Description: OpenPGP digital signature
