Robert Nowotny via dovecot skrev den 2025-01-22 20:16:
Hey Marco, this is what to do:
dovecot starts as root, and drops priveleges later, so group it non rooted is a security problem on its own :)
certbot creates letencrypt pem files owned by root and grouped root, only the private key cant be readed by other users then root
dont make it more complicated
ssl_cert = </etc/letsencrypt/live/example.com/fullchain.pem
ls -lr /etc/letsencrypt/live/ _______________________________________________ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-le...@dovecot.org
