Awhile back I’d mentioned I was having a problem with letsencrypt certs not
working after being auto-updated.
This happened again yesterday and the issue is caused by the certs ownership
settings.
My CouchDB is installed on a DigitalOcean VPS running Ubuntu 16.04
You can see the difference between the old and new certs below:
-rw-r--r-- 1 couchdb root 1903 Jul 23 22:12 cert6.pem
-rw-r--r-- 1 root root 1903 Oct 22 18:10 cert7.pem
-rw-r--r-- 1 couchdb root 1647 Jul 23 22:12 chain6.pem
-rw-r--r-- 1 root root 1647 Oct 22 18:10 chain7.pem
-rw-r--r-- 1 couchdb root 3550 Jul 23 22:12 fullchain6.pem
-rw-r--r-- 1 root root 3550 Oct 22 18:10 fullchain7.pem
-rw------- 1 couchdb root 1708 Jul 23 22:12 privkey6.pem
-rw------- 1 root root 1708 Oct 22 18:10 privkey7.pem
After the letsencrypt update the new certs ownership need to be reset like so:
sudo chown couchdb:root
/opt/couchdb/letsencrypt/archive/cherrypc.com/cert7.pem
And should look like something like this:
-rw-r--r-- 1 couchdb root 1903 Oct 22 18:10 cert7.pem
-rw-r--r-- 1 couchdb root 1647 Oct 22 18:10 chain7.pem
-rw-r--r-- 1 couchdb root 3550 Oct 22 18:10 fullchain7.pem
-rw------- 1 couchdb root 1708 Oct 22 18:10 privkey7.pem
( Hopefully sharing this here will help me remember this 3 months from now :D )
--
Kindest Regards,
Bill Stephenson
