[dnsdist] Permission denied - SSL certificates
Mark.Smith at dataip.co.uk
Fri May 15 12:14:33 UTC 2020
Thanks for the quick reply.
I should have spotted the change to running under another user.
I have now moved a copy of the server.key file in to the /etc/dnsdist
directory, and set permissions for the _dnsdist group.
Obviously, I updated the config file to point to the new location of
the .key file.
All now runs fine.
A bit odd as the permissions for the server.key file were previously
666 which I thought would be okay. It should have been 'world'
Note.. the group on mine is _dnsdist rather than dnsdist ... I assume
this is as it should be.
Thanks again for your help
That comes from dnsdist 1.5‑rc2 not being started as root anymore, and
therefore likely not being able to enter the /etc/ssl/private
Please read the upgrade guide at .
Several options exist there, you could copy the necessary files in
/etc/dnsdist and set the ownership of these files to dnsdist, or
the dnsdist user could be added to the group owning the
directory (ssl‑cert on Debian, if I'm not mistaken), for example.
PowerDNS.COM BV ‑ https://www.powerdns.com/
tel. +44(0)1785 609520
smtp:Mark.Smith at dataIP.co.uk
More information about the dnsdist