I have an Apache server that serves a web application through https with a certificate. I also have a Node.js back-end/API which handles all the applications requests.
The traffic from Apache to the client is secure, but at the moment the traffic from the client to my back-end is not. I'd like to change this by also using https for my Node.js API, using the same certificate as suggested in: this question.
To do this I made a group certs and edited the nodeapi.service file in sytemd so that it belongs to that group. I also added the user running the node.js service to that group:
groups nodeuser
nodeuser : nodeuser sudo certs
Then I changed the permissions of the files so that the group can access them:
-rw-rwx--- 1 600 certs 1931 Nov 20 15:13 certificate.crt
-rw-rwx--- 1 600 certs 1704 Nov 20 15:12 certificate.key
I hoped this would work but node crashes:
Error: EACCES: permission denied, open './cert/certificate.key'
What could I have missed?
Best Answer
The comment by RubberStamp is the answer. The group
certshad no execute permission on the folder so it could not look inside. Setting the permission of the folder to at least550worked.