kvic-z / pixelserv-tls

A tiny bespoke HTTP/1.1 server for adblock and accelerating web browsing.
GNU Lesser General Public License v3.0

Launching as normal user fails with missing certs #30

Closed LiSongMWO closed 5 years ago

LiSongMWO commented 5 years ago

I'm trying to write a systemd unit for pixelserv to have it behave like other services on my system.

I created a service user for pixelserv called pixelserv and did the appropriate chowns for /var/cache/pixelserv and /tmp/pixelserv. When starting the service I get the following errors:

pixelserv-tls[13715]: pixelserv-tls 2.2.1 (compiled: Sep  1 2019 17:45:50 flags: tfo no_tls1_3) options: -u pixelserv -f -l 4
pixelserv-tls[13715]: cert_tlstor_init: failed to load ca.crt
pixelserv-tls[13715]: cert_tlstor_init: failed to load ca.key
pixelserv-tls[13715]: sslctx_tbl_load: /var/cache/pixelserv/prefetch doesn't exist.
pixelserv-tls[13715]: Abort: Permission denied - :*:443

When I launch it as root it works. For security reasons I don't want to launch it as root. Is there something we can do to fix the startup problem?

LiSongMWO commented 5 years ago

The reason it fails is not the missing certs but rather that you actually need root to open sockets for ports below 1024. So root is actually needed unless running on a higher port and using port forwarding.

So WAI I guess, but the error could have been clearer.
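
One way to keep the service off root while still binding :443, shown as an added example that comes from neither the thread nor the pixelserv-tls project: a systemd unit that runs as the `pixelserv` user and is granted only `CAP_NET_BIND_SERVICE`. The binary path and unit file name are assumptions, the command-line options are copied from the log above, and it is assumed that pixelserv-tls needs nothing else from root at start-up.

```ini
# /etc/systemd/system/pixelserv-tls.service  (constructed example; file name assumed)
[Unit]
Description=pixelserv-tls (unprivileged, may bind ports below 1024)
After=network-online.target
Wants=network-online.target

[Service]
# Assumed install path; the options are the ones shown in the issue's log.
ExecStart=/usr/local/bin/pixelserv-tls -u pixelserv -f -l 4

# Run as the dedicated service account instead of root.
User=pixelserv
Group=pixelserv

# Grant the single capability needed to bind ports below 1024 (e.g. :443)
# and make it impossible for the process to acquire any other.
AmbientCapabilities=CAP_NET_BIND_SERVICE
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
NoNewPrivileges=true

# Have systemd create /var/cache/pixelserv owned by User= at start,
# so the manual chown does not have to be repeated.
CacheDirectory=pixelserv

# Basic filesystem hardening; /var and /tmp stay writable for the service.
ProtectSystem=full
ProtectHome=true

Restart=on-failure

[Install]
WantedBy=multi-user.target
```

After `systemctl daemon-reload` and a restart, the `CapEff` line in `/proc/<pid>/status` should read `0000000000000400` (bit 10, `CAP_NET_BIND_SERVICE`) for the running process.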