Jitsi-Meet-Prosody (1.0.4428-1) update error: How to fix permissions for Prosody to read this file?

Good morning,
Just got the latest update including jitsi-meet-prodody (1.0.4428-1) which threw the following error: I guess I need to chown or chmod something. Any pointers anyone, please?
I guess this will also be the reason for my other unresolved issue: https://community.jitsi.org/t/help-please-recording-failed-prosody-configuration-shot-after-update-to-11-6/78048

Here is the error message I get during the upgrade process:

Preparing to unpack …/jitsi-meet_2.0.5076-1_all.deb …
Unpacking jitsi-meet (2.0.5076-1) over (2.0.4966-1) …
Preparing to unpack …/jicofo_1.0-636-1_all.deb …
Unpacking jicofo (1.0-636-1) over (1.0-626-1) …
Preparing to unpack …/jitsi-meet-web_1.0.4428-1_all.deb …
Unpacking jitsi-meet-web (1.0.4428-1) over (1.0.4370-1) …
Preparing to unpack …/jitsi-meet-web-config_1.0.4428-1_all.deb …
Unpacking jitsi-meet-web-config (1.0.4428-1) over (1.0.4370-1) …
Preparing to unpack …/jitsi-meet-prosody_1.0.4428-1_all.deb …
Unpacking jitsi-meet-prosody (1.0.4428-1) over (1.0.4370-1) …
Processing triggers for systemd (229-4ubuntu21.29) …
Processing triggers for ureadahead (0.100.0-19.1) …
Setting up jicofo (1.0-636-1) …
Updating /etc/jitsi/jicofo/config to use jicofo.conf
Generating an empty jicofo.conf file
Setting up jitsi-meet-web (1.0.4428-1) …
Setting up jitsi-meet-web-config (1.0.4428-1) …

You can now switch to a Let’s Encrypt certificate. To do so, execute:
/usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh


Setting up jitsi-meet-prosody (1.0.4428-1) …
certmanager error SSL/TLS: Failed to load ‘/etc/prosody/certs/localhost.key’: Check that the permissions allow Prosody to read this file. (for client_https port 0)

When I check permissions with ls -l I get
root@jitsi:/etc/prosody/certs# ls -l
total 24
lrwxrwxrwx 1 root root 44 Jun 3 15:52 auth.jitsi.ngberger.com.crt -> /var/lib/prosody/auth.jitsi.ngberger.com.crt
lrwxrwxrwx 1 root root 44 Jun 3 15:52 auth.jitsi.ngberger.com.key -> /var/lib/prosody/auth.jitsi.ngberger.com.key
-rw-r–r-- 1 root root 1895 Jan 19 2020 GNUmakefile
lrwxrwxrwx 1 root root 39 Jun 3 15:52 jitsi.ngberger.com.crt -> /var/lib/prosody/jitsi.ngberger.com.crt
lrwxrwxrwx 1 root root 39 Jun 3 15:52 jitsi.ngberger.com.key -> /var/lib/prosody/jitsi.ngberger.com.key
-rw-r–r-- 1 root root 607 Jan 19 2020 localhost.cnf
-rw-r–r-- 1 root root 1099 Aug 13 07:34 localhost.crt
-rw------- 1 root root 1704 Aug 13 07:34 localhost.key
-rw-r–r-- 1 root root 719 Jan 19 2020 makefile
-rw-r–r-- 1 root root 1584 Jan 19 2020 openssl.cnf

  1. I feel stupid failing at such a basic task, but would really appreciate anybody’s help on how to resolve this.
  2. The prompt to run sh script for let’s encrypt puzzles me, too. Does this mean, I need to run this again? Let’s encrypt was correctly set up previously on this machine, so do I ignore it or what?

Thanks for your thoughts and advice
Norbert

Make sure prosody has access to this specific file - localhost.key. It doesn’t right now:

-rw------- 1 root root 1704 Aug 13 07:34 localhost.key

It will prompt you, but when you enter your email as requested, it will recognize that you already have a cert and will advise that it’s not due for renewal yet.