NGINX SSL directory and .crt and .key files permissions

Carlo

12/12/23, 8:56 PM

in folder /etc/nginx/ssl/ I have public and private key for domain for wildcard SSL certificate purchased from CA and transferred as root to that folder. SSL request has made on another windows server but domain name is same on both servers. For example sub1.domain.com is on IIS and domain.com is on NGINX. Because it is wildcard SSL and only DV this should work (and it does) ?

In site config I've added cert like this

    ssl_certificate     /etc/nginx/ssl/domain.crt;
    ssl_certificate_key /etc/nginx/ssl/domain.key;

Can you please check folder and files permissions and suggest change if needed

Folder

drwxr-xr-x 2 root root 4096 Dec 12 21:23 ssl

Files

-rw-r--r-- 1 root root 2199 Dec 12 21:18 domain.crt
-rw-r--r-- 1 root root 1732 Dec 12 21:19 domain.key

Can I do anything to protect that better?

Thanks, Carlo

0 + 0

security

linux

ssl

nginx

web-server

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: NGINX SSL directory and .crt and .key files permissions

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.