Am 10.02.2017 um 00:22 schrieb Jose Novacho: > > if I replace the symbolic link with the actual file fullchain1.pem > everything works as expected. > > I have also replaced the link, so it points at the > /etc/letsencrypt//archive//trinity.ingames.cz/cert1.pem file. But > that didn't help either. I'm still getting permission denied on the > cert file.
On Ubuntu, the charon process is confined by Apparmor and its profile [*] doesn't let it read files from random locations on the filesystem. If you put the various .pem under their dedicated directories under /etc/ipsec.d/ Apparmor will let charon access them. HTH, Simon *: see /etc/apparmor.d/usr.lib.ipsec.charon
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
