Elasticsearch.service: Main process exited, code=exited, status=1/FAILURE when setting TLS

Elastic Stack Elasticsearch
4

HI,
Got a bit more info.

My permissions on cert files are as follow:
-rwxrwxr-x 1 root elasticsearch 3443 Jun 27 17:39 clustercerts.p12
-rwxrwxr-x 1 root root 2527 Jun 27 16:11 firm-rblog-ca-cert.p12

However, I was able to find some permission issues in the cluster log

**Caused by: java.security.AccessControlException: access denied ("java.io.FilePermission" "/usr/share/elasticsearch/clustercerts.p12" "read")**

More of the listing below:

[2019-06-27T18:11:26,107][WARN ][o.e.b.ElasticsearchUncaughtExceptionHandler] [firm-rbl01] uncaught exception in thread [main]

org.elasticsearch.bootstrap.StartupException: java.lang.IllegalStateException: failed to load plugin class [org.elasticsearch.xpack.core.XPackPlugin]

....
Caused by: org.elasticsearch.ElasticsearchException: failed to initialize a TrustManagerFactory
at org.elasticsearch.xpack.core.ssl.StoreTrustConfig.createTrustManager(StoreTrustConfig.java:61) ~[?:?]
at org.elasticsearch.xpack.core.ssl.SSLService.createSslContext(SSLService.java:382) ~[?:?]

....

Caused by: java.security.AccessControlException: access denied ("java.io.FilePermission" "/usr/share/elasticsearch/clustercerts.p12" "read")
	at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472) ~[?:?]
	at java.security.AccessController.checkPermission(AccessController.java:1042) ~[?:?]
	at java.lang.SecurityManager.checkPermission(SecurityManager.java:408) ~[?:?]
	at java.lang.SecurityManager.checkRead(SecurityManager.java:747) ~[?:?]
	at sun.nio.fs.UnixChannelFactory.open(UnixChannelFactory.java:255) ~[?:?]

Why is there permission issue when everyone has read access at the moment.