Project

General

Profile

Bug #6862

mode 0444 for /var/etc/cert.crt leads to nginx crit error: 13: Permission denied

Added by Harry Coin almost 3 years ago. Updated about 2 years ago.

Status:
Resolved
Priority:
Normal
Category:
Web Interface
Target version:
Start date:
10/18/2016
Due date:
% Done:

0%

Estimated time:
Affected Version:
2.3.2
Affected Architecture:
All

Description

/var/etc/cert.crt has mode 0444, leading to
/var/log/nginx-error.log entries like
2016/10/16 16:06:14 [crit] 61476#100169: *271 SSL_write() failed (SSL:) (13: Permission denied) while sending to client, client: 192.168.29.45, server: , request: "POST /diag_resetstate.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm.socket", host: "192.168.XX.2", referrer: "https://192.168.XX.2/diag_resetstate.php"

and

2016/10/16 16:06:14 [crit] 61476#100169: *271 SSL_write() failed (SSL:) (13: Permission denied) while sending to client, client: 192.168.29.45, server: , request: "POST /diag_resetstate.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm.socket", host: "192.168.XX.2", referrer: "https://192.168.XX.2/diag_resetstate.php"

adding the shellcmd

chmod go+r /var/etc/cert.crt

is a work-around.

Associated revisions

Revision 6e2f015a (diff)
Added by Doktor Notor over 2 years ago

Fix nginx certificate permissions (Bug #6862)

History

#1 Updated by Harry Coin almost 3 years ago

title should have had protection of 0600, workaround changes it to 0644

#2 Updated by Jim Thompson almost 3 years ago

  • Assignee set to Renato Botelho

#4 Updated by Jim Pingle about 2 years ago

  • Status changed from New to Resolved
  • Target version set to 2.4.0

PR was merged months ago and the permissions look correct.

Also available in: Atom PDF