Hi
I’m currently baffled by a riddle and i’m not sure if i should trust the internet. I have the certificates for office.grosskopfgames.de in the live folder, i can use them if i copy them out, but because standardwise /etc/letsencrypt/live and /etc/letsencrypt/archive are 700 root:root of course when i run libreoffice online as the user lool it cannot access the private key and the certificate as they are in this folder. Nginx on the other hand is able to access files in there. How does this work? on the internet people claim i should just give my user read rights to the live and the archive folder but i feel having my certificate readable by such user would compromise the security of all my private keys or am i wrong about this? how does nginx manage to read those files?
greetings, Gerrit
My domain is:
office.grosskopfgames.de
I ran this command:
loolwsd 3.1 as user lool with the certificates pointing at a copy of the certificates and pointing at the file in /etc/letsencrypt/live
It produced this output:
it crashed when i made it point at the /letsencrypt/live but not when i pointed it at the copy
My web server is (include version):
nginx
The operating system my web server runs on is (include version):
ubuntu 16.04
My hosting provider, if applicable, is:
Strato in germany
I can login to a root shell on my machine (yes or no, or I don’t know):
yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no
