mod_ssl rpm in RHEL 5.4 is creating a certificate which is readable only by root

Solution Verified - Updated -

Issue

  • When mod_ssl is installed, it generates a certificate and key file. It sets the umask to 077 causing both the key and certificate file to be readable by root only. While this is correct for the private key (/etc/pki/tls/private/localhost.key), the certificate file (/etc/pki/tls/certs/localhost.crt) should be world readable. Because the certificate file is not world-readable, certain applications that use openssl can not read the certificate which could lead to problems or authentication failures.

Environment

  • Red Hat Enterprise Linux (RHEL) 5.4
  • mod-ssl-2.2.3-31.el5

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.