diff --git a/monkey/monkey_island/linux/create_certificate.sh b/monkey/monkey_island/linux/create_certificate.sh
index ca7d397e0..cbbe5261b 100644
--- a/monkey/monkey_island/linux/create_certificate.sh
+++ b/monkey/monkey_island/linux/create_certificate.sh
@@ -21,10 +21,16 @@ umask 377
 
 echo "Generating key in $server_root/server.key..."
 openssl genrsa -out "$server_root"/server.key 2048
+chmod 400 "$server_root"/server.key
+
 echo "Generating csr in $server_root/server.csr..."
 openssl req -new -key "$server_root"/server.key -out "$server_root"/server.csr -subj "/C=GB/ST=London/L=London/O=Global Security/OU=Monkey Department/CN=monkey.com"
+chmod 400 "$server_root"/server.csr
+
 echo "Generating certificate in $server_root/server.crt..."
 openssl x509 -req -days 366 -in "$server_root"/server.csr -signkey "$server_root"/server.key -out "$server_root"/server.crt
+chmod 400 "$server_root"/server.crt
+
 
 # Shove some new random data into the file to override the original seed we put in.
 if [ "$CREATED_RND_FILE" = true ] ; then