From f55fd8d72c4263a649fc015da52a26bab4f7779d Mon Sep 17 00:00:00 2001
From: mguschin <gn.mikle@gmail.com>
Date: Wed, 4 Feb 2026 13:17:59 +0300
Subject: [PATCH] Fix self signed certs.

---
 entrypoint.sh | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/entrypoint.sh b/entrypoint.sh
index aea00cd..3b1ffa7 100755
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -44,10 +44,12 @@ KEY_PATH="/etc/prosody/certs/xmpp.guschin.info.key"
 LETSENCRYPT_CERT="/etc/prosody/certs/letsencrypt/fullchain.pem"
 LETSENCRYPT_KEY="/etc/prosody/certs/letsencrypt/privkey.pem"
 
-if [ -f "$LETSENCRYPT_CERT" ] && [ -f "$LETSENCRYPT_KEY" ]; then
+if [ -r "$LETSENCRYPT_CERT" ] && [ -r "$LETSENCRYPT_KEY" ]; then
     echo "Using Let's Encrypt certificate..."
-    ln -sf "$LETSENCRYPT_CERT" "$CERT_PATH"
-    ln -sf "$LETSENCRYPT_KEY" "$KEY_PATH"
+    cp "$LETSENCRYPT_CERT" "$CERT_PATH"
+    cp "$LETSENCRYPT_KEY" "$KEY_PATH"
+    chmod 644 "$CERT_PATH"
+    chmod 600 "$KEY_PATH"
 elif [ ! -f "$CERT_PATH" ] || [ ! -f "$KEY_PATH" ]; then
     echo "Let's Encrypt certificate not found, generating self-signed certificate..."
     openssl req -x509 -newkey rsa:4096 -keyout "$KEY_PATH" -out "$CERT_PATH" \