I know it is not a security issue per se, but certain applications (hello sendmail) will refuse to use a group (or world) readable keyfile. Dec 7 15:03:20 lupus sendmail[17357]: STARTTLS=server: file /etc/letsencrypt/live/mail.olen.net/privkey.pem unsafe: World readable file It does not matte…

Keyfile is group/world readable (not really but sendmail believes so)

olen December 8, 2015, 8:00am 2

Sorry.

Found this request which is about the same issue: