Collabora Online

Access to file denied Cert-chain

Installation & Configuration

guenie July 27, 2021, 10:37am 1

I have a Problem to install loolwsd my Certificates was not read
I have this ERROR in the Log
cloud loolwsd[84797]: Access to file denied: /etc/letsencrypt/live/cloud.xxxxxxxxx.at/chain-ecdsa.pem

Is the path to long ? I have the same path and cert in apache server this is working?
I have set up before a test system this is working

Can any help for this Problem

Thanks Günther

No certificat install possible crash

rpear July 29, 2021, 8:38am 2

I don’t know about your setup, just thought I’d mention that 6.4.10-6 was released a day ago, it includes this fix which has helped a lot of people out, hope it helps you too, pls reply to let others know if it helps:

guenie July 30, 2021, 10:16am 3

I have the newest now 6.4.10.20 but the same Problem?

a question is there a limit for the length of the ssl paths? Because I have already set up two test systems where I had no problems with the certificates?
what works is
/etc/letsencrypt/live/cloud.xxxx.xxx/chain-ecdsa.pem

what is not working
/etc/letsencrypt/live/cloud.xxxxxxxxx.xx/chain-ecdsa.pem
I have exactly the same configuration on all systems

bearon September 2, 2021, 4:35pm 4

I don’t think it’s the length of the path… /etc/letsencrypt/live/ tends to be owned by root, and not accessible to anyone else (which is generally desirable, as you want private keys to be actually private). A couple of options on how to solve this situation are detailed here: node.js - Let's encrypt SSL couldn't start by "Error: EACCES: permission denied, open '/etc/letsencrypt/live/domain.net/privkey.pem'" - Stack Overflow

Another option is to set up a terminating reverse proxy, so the certificate handling is done by the reverse proxy (eg. Apache2 or nginx), and not by Collabora Online.

1 Like

Coolwsd failed with let's encrypt?

guenie September 21, 2021, 1:47pm 5

Hello everyone

After the last update, loolwsd no longer works on the installations that have been working up to now? loowsd can simply no longer read in the certificate files (permission denied), someone could look up why this is getting more and more annoying

bearon September 28, 2021, 12:02am 6

Please read my comment above. Also, you could try switching user to lool, and try accessing the certificate file to confirm if it’s indeed a permission problem. If it is, you will have to resolve that yourself based on the suggestions given.

Topic		Replies	Views	Activity
No certificat install possible crash Installation & Configuration	1	668	September 6, 2021
Coolwsd failed with let's encrypt? Installation & Configuration	4	58	March 28, 2024
Using letsencrypt Installation & Configuration	1	401	February 16, 2022
Disable SSL in loolwsd.xml Installation & Configuration	2	3892	February 17, 2021
Getting unauthorized WOPI host error on 127.0.0.1 Installation & Configuration	0	736	May 26, 2021

Documentation DEV: Build instructions DEV: COOL weekly meetings Buy the supported version 💜