File permissions on ES certificate files in Docker

I've set up a three node ES cluster under Docker using these instructions: Encrypting communications in an Elasticsearch Docker Container | Elasticsearch Guide [7.13] | Elastic

I'm using ES 7.6.2

In this set up, the certificate and key files reside on the host, and the container has access to them through a docker volume.

I noticed that the file permissions on the certificate and key are 664. In the interest of further securing our environment I changed the permissions to 660, but when I did the ES cluster would not form due to a file access error

Does ES depend on the file permissions being 664 for the certificate and key files? Is there a way to change the file bits to a less permissive setting?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.