mod_ssl rpm in RHEL 5.4 is creating a certificate which is readable only by root

Solution Verified - Updated -

Issue

  • When mod_ssl is installed, it generates a certificate and key file. It sets the umask to 077 causing both the key and certificate file to be readable by root only. While this is correct for the private key (/etc/pki/tls/private/localhost.key), the certificate file (/etc/pki/tls/certs/localhost.crt) should be world readable. Because the certificate file is not world-readable, certain applications that use openssl can not read the certificate which could lead to problems or authentication failures.

Environment

  • Red Hat Enterprise Linux (RHEL) 5.4
  • mod-ssl-2.2.3-31.el5

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content