Matching debian's existing practice of using the ssl-cert group is the right thing to do here.
The keys should have something like 640 perms and root:ssl-cert ownership. (root until the package works as a non-root user, but still chgrp ssl-cert if the user running it is root or in that group.) -JimC -- James Cloos <[email protected]> OpenPGP: 0x997A9F17ED7DAEA6 _______________________________________________ Letsencrypt-devel mailing list [email protected] https://lists.alioth.debian.org/mailman/listinfo/letsencrypt-devel
