Permission denied to cacerts file - SSL
11,457
Solution 1
Use sudo. That prevents permission escalation
Solution 2
Increasing file permission to 777 solved the issue.
Related videos on Youtube
07 : 51
Unable to connect to SSL due to javax.net.ssl.SSLHandshakeException
02 : 11
Android keystore access denied problem(solved)
13 : 59
How To Import SSL in JRE/Cacerts/Keystore (in easy way)
01 : 31
Unix & Linux: Permission denied to cacerts file - SSL (2 Solutions!!)
10 : 08
Import Public Certificates to cacerts or jssecacerts using keytool
Author by
Guy Tabak
Updated on September 18, 2022Comments
-
Guy Tabak over 1 year
I have installed a Red Hat 6.8 machine, on which I have installed a certificate on the default keystore 'cacerts' successfully. When trying to invoke a software which is using SSL and is trying to access the keystore 'cacerts' (invoked as applicative user - not root), I receive the following error message: 'java.io.FileNotFoundException: Permission denied'.
From my research online, any user should have access to the 'cacerts' keystore (although the owner of the file is 'root').
-
Kyle H over 7 yearsWhat are the permissions on the directory and file? Owned by root:root and with rwxr-xr-x permissions on the directory should allow the user to access the directory contents. Then it depends on the file permissions and selinux. What distro, do you have selinux enforcing? If so, what is the selinux context shown by 'ls -lZ <filename>' -
Guy Tabak over 7 yearsGroup and owner is root (root:root), folder permission is drwxr-xr-x (only read permission should be needed).
-
Guy Tabak over 7 years* Increasing file permission to 777 solved the issue. Thanks for your help.
-
-
Odyssee over 5 yearsNever, I repeat, NEVER set your file permissions to 777. This introduces a lot of security risks. You are basically opening up the file to be modified and executed by anyone who can access the server.
