For system-wide use, OpenSSL should provide you /etc/ssl/certs and /etc/ssl/private. The latter of which will be restricted 700 to root:root.
If you have an application that doesn’t perform initial privilege separation from root, then it might suit you to locate them somewhere local to the application with the relevantly restricted ownership and permissions.
Related Posts:
- How do I grep recursively?
- How do I grep recursively?
- No space left on device
- How do I grep recursively?
- How do I use grep to search the current directory for all files having the a string “hello” yet display only .h and .cc files?
- SSH using python script
- Curl command for https ( SSL )
- How can I exclude directories from grep -R?
- How can I exclude directories from grep -R?
- Argument list too long error for rm, cp, mv commands
- Difference between using “chmod a+x” and “chmod 755”
- How to cat <
> a file containing code? - Extract file basename without path and extension in bash
- Given two directory trees, how can I find out which files differ by content?
- Diff command along with Grep gives “Binary file (standard input) matches”
- What does it mean to mount a file system in linux?
- How to download a file from server using SSH?
- What is the difference between “#!/usr/bin/env bash” and “#!/usr/bin/bash”?
- What does `set -x` do?
- Command to change the default home directory of a user
- Unable to establish SSL connection upon wget on Ubuntu 14.04 LTS
- Using ls to list directories and their total sizes
- What does “&” at the end of a linux command mean?
- Can’t remove a directory in Unix
- wget returns “Unable to establish SSL connection”
- Syntax error near unexpected token ‘then’
- C fopen vs open
- Restarting cron after changing crontab file?
- How do I write stderr to a file while using “tee” with a pipe?
- cd into directory without having permission
- Copying a large directory tree locally? cp or rsync?
- Can I nohup/screen an already-started process?
- Environment variables of a running process on Unix?
- df in linux not showing correct free space after file removal
- In my /etc/hosts/ file on Linux/OSX, how do I do a wildcard subdomain?
- When does /tmp get cleared?
- LVM dangers and caveats
- Is it possible to detach a process from its terminal? (Or, “I should have used screen!”) [duplicate]
- What does ‘set -e’ do, and why might it be considered dangerous?
- Meaning of directories on Unix and Unix like systems
- How to remove empty/blank lines from a file in Unix (including spaces)?
- How to forcibly close a socket in TIME_WAIT?
- How can I rename a Unix user?
- How to get pid of just started process
- Can you have more than one ~/.ssh/config file?
- How to disable everything in crontab -l?
- How to sort ps output by process start time?
- How to install OpenSSL in windows 10?
- How do I deal with a filename that starts with the hyphen (-) character?
- Chmod 777 to a folder and all contents [duplicate]
- Bash: No such file or directory?
- Cannot connect to the Docker daemon at unix:/var/run/docker.sock. Is the docker daemon running?
- Confused about stdin, stdout and stderr?
- What’s a .sh file?
- SSL Error: unable to get local issuer certificate
- Amazon Linux: apt-get: command not found
- How to set the environmental variable LD_LIBRARY_PATH in linux
- What’s a .sh file?
- Why does ENOENT mean “No such file or directory”?
- sudo: npm: command not found
- How can I symlink a file in Linux? [closed]
- curl: (60) SSL certificate problem: unable to get local issuer certificate
- How to fix ‘sudo: no tty present and no askpass program specified’ error?
- Kill detached screen session [closed]
- curl: (60) SSL certificate problem: unable to get local issuer certificate
- Openssl : error “self signed certificate in certificate chain”
- Why do you need to put #!/bin/bash at the beginning of a script file?
- How to get the url of the current svn repo?
- What is .crt and .key files and how to generate them?
- What does pss mean in /proc/pid/smaps
- apt-get error: Sub-process /usr/bin/dpkg returned an error code (1)
- What is the meaning of *nix?
- How do I find all files containing specific text on Linux?
- How to unmount a busy device
- “Couldn’t find a file descriptor referring to the console” on Ubuntu bash on Windows
- NET::ERR_CERT_REVOKED in Chrome, when the certificate is not actually revoked
- How to unmount a busy device
- How to kill a process running on particular port in Linux?
- error: ‘Can’t connect to local MySQL server through socket ‘/var/run/mysqld/mysqld.sock’ (2)’ — Missing /var/run/mysqld/mysqld.sock
- performing HTTP requests with cURL (using PROXY)
- Where can I find php.ini?
- gzip: stdin: not in gzip format tar: Child returned status 1 tar: Error is not recoverable: exiting now
- error: ‘Can’t connect to local MySQL server through socket ‘/var/run/mysqld/mysqld.sock’ (2)’ — Missing /var/run/mysqld/mysqld.sock
- How can I recursively find all files in current and subfolders based on wildcard matching?
- How to perform grep operation on all files in a directory?
- “E: Unable to locate package python-pip” on Ubuntu 18.04 [duplicate]
- Amazon Linux: apt-get: command not found
- How to install grub after installing Windows 10
- Linux: ‘Username’ is not in the sudoers file. This incident will be reported
- how to find libstdc++.so.6: that contain GLIBCXX_3.4.19 for RHEL 6?
- How to extract C source code from .so file?
- Pass a password to ssh in pure bash
- subprocess.Popen(): OSError: [Errno 8] Exec format error in python?
- “E: Unable to locate package python-pip” on Ubuntu 18.04 [duplicate]
- How to substitute shell variables in complex text files
- -bash: syntax error near unexpected token `newline’ for display command
- How can I recursively find all files in current and subfolders based on wildcard matching?
- How to exclude a directory in find . command
- “sed” command in bash
- How to generate a self-signed SSL certificate using OpenSSL?