How to serve SSL certs without sudo?

Hi, I am hosting a website on HTTPS. Got the SSL certs using cerbot from letsencrypt. Running the Sanic app I wrote to serve the website but it requires sudo permission to serve the certs which are obviously root only files.

I do not want to give root permission to my Sanic app. Would be very happy to know “How to serve SSL certs without sudo?”

You shouldn’t need to run Sanic with root permissions. Likely you just need to chmod the certs so that Sanic can access them. What are they currently set to? What is the current owner of the files? What user is Sanic running?

Certs are with the following permissions. All set to root. Sanic is running as ubuntu user (AWS EC2 default)

So that’s your problem. Change the certs so that the Ubuntu user can read them.

1 Like