1

I have a node.js application running on ElasticBeanstalk. Part of it's configuration is a path to a .p12 key file. When the application attempts to use the key file, a permission denied exception is thrown.

My question is if I am placing the key file in the best location with the correct permissions, or if there is some other place or permissions I should be using.

The application is a parse-server-example clone which gets installed to /var/app/current on the EB server. I have placed the key file in /home/ec2-user/.ssh. I have tried setting permissions on the key file to 400, 644, and even 777.The .ssh directory itself has 700. The error I see is:

parse-server-example running on port 8081. /var/app/current/node_modules/parse-server/lib/ParseServer.js:339 throw err; ^

Error: EACCES: permission denied, open '/home/ec2-user/.ssh/key.p12' at Error (native)

Improve this question

2 Answers 2

Reset to default
0

I got this too when trying to install/run etherpad

It turns out this was not to do with the perms of the files, but those of a higher-up directory

If I do this as root, I get:

ls -l /etc/letsencrypt/live/domain/privkey.pem lrwxrwxrwx 1 root root 42 May 20 13:03 /etc/letsencrypt/live/domain/privkey.pem -> ../../archive/domain/privkey1.pem

But if I run the same command as etherpad I get a permission denied.

Doing ls -ld on each directory up revealed that live had permissions rwx------, that is, the directory could neither be read nor listed.

chmod 755 /etc/letsencrypt/live /etc/letsencrypt/archive

This fixes the issue in my case. Your mileage may vary.

Improve this answer
0

What ended up working for me was to create a directory for the .p12 key and giving ownership of the directory and key to the nodejs user.

sudo mkdir -p /etc/foo sudo chown nodejs /etc/foo sudo chmod 700 /etc/foo sudo cp my_key.p12 /etc/foo sudo chown nodejs /etc/foo/my_key.p12 sudo chmod 600 /etc/foo/my_key.p12
Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.