Original installation makes note of permission issues with letsencrypt. I have found that permission issues pop back up every time that letsencrypt renewal occurs: zmeventnotification.pl exits with a permission denied error. Is there a way to resolve this w/o having to discover the issue and manually correct (change permission on private key)?
OS: Debian 10.
Owner needs to be www-data (letsencrypt creates new private keys with owner "root," mode 0700).
zmeventnotification and letsencrypt permission issues
Re: zmeventnotification and letsencrypt permission issues
This seems to be a recurring topic in letsencrypt forums. I haven’t research or tried but when I did a search I came up with posts that talk about a deploy script for LE that basically changes permissions. These scripts get triggered by LE automatically when certs are renewed.
There are many posts - I read this https://community.letsencrypt.org/t/how ... ces/2690/9
There are many posts - I read this https://community.letsencrypt.org/t/how ... ces/2690/9
I no longer work on zmNinja, zmeventnotification, pyzm or mlapi. I may respond on occasion based on my available time/interest.
Please read before posting:
How to set up logging properly
How to troubleshoot and report - ES
How to troubleshoot and report - zmNinja
ES docs
zmNinja docs
Please read before posting:
How to set up logging properly
How to troubleshoot and report - ES
How to troubleshoot and report - zmNinja
ES docs
zmNinja docs
Re: zmeventnotification and letsencrypt permission issues
Many thanks! That got me pointed in the right direction.
More info on letsencrypt and cert renewals:
https://certbot.eff.org/docs/using.html ... rtificates
Looks like I only need to create a simple script to change the owner on the newly created privkey file (to www-data) and locate the script in the 'deploy' directory.
More info on letsencrypt and cert renewals:
https://certbot.eff.org/docs/using.html ... rtificates
Looks like I only need to create a simple script to change the owner on the newly created privkey file (to www-data) and locate the script in the 'deploy' directory.