This might be a silly question, so I apologize, but I would like to know
answer. When configuring Nginx to work with SSL/TLS, best practice
to be to secure your site’s private key by ensuring it’s owned by
and that its permissions are set to 400. My question, though, is why
this work? The Nginx worker processes, running under their own context,
can’t access the file that way. Do they rely on the master process
as root) to read the key for them?
Posted at Nginx Forum: