[GH-ISSUE #655] rootCA.pem created with world read permissions #350

New issue

Closed

opened 2026-02-25 22:33:09 +03:00 by kerem · 1 comment

kerem commented

2026-02-25 22:33:09 +03:00

Owner

Originally created by @sebbASF on GitHub (Jan 19, 2026).
Original GitHub issue: https://github.com/FiloSottile/mkcert/issues/655

Environment

Operating system (including version): macOs Sonoma
mkcert version (from mkcert -version): 1.4.4
Server (where the certificate is loaded): N/A
Client (e.g. browser, CLI tool, or script): N/A

What you did

mkcert --install
Did not give valid sudo pasword

What went wrong

The CAROOT directory contains two files:
-r-------- ... rootCA-key.pem
-rw-r--r-- ... rootCA.pem

Surely both files should be read-only to owner only?

Originally created by @sebbASF on GitHub (Jan 19, 2026). Original GitHub issue: https://github.com/FiloSottile/mkcert/issues/655 ## Environment * Operating system (including version): macOs Sonoma * mkcert version (from `mkcert -version`): 1.4.4 * Server (where the certificate is loaded): N/A * Client (e.g. browser, CLI tool, or script): N/A ## What you did mkcert --install Did not give valid sudo pasword ## What went wrong The CAROOT directory contains two files: -r-------- ... rootCA-key.pem -rw-r--r-- ... rootCA.pem Surely both files should be read-only to owner only?