Be more restrictif on sensu_ssl_client_cert

Be more restrictif with sensu_ssl_client_cert

tasks/ssl.yml

@@ -24,7 +24,7 @@
       dest: "{{ sensu_config_path }}/ssl/{{ item.dest }}"
       mode: " {{ item.perm }}"
     with_items:
-      - {src: "{{ sensu_ssl_client_cert }}", dest: cert.pem , perm: "0644" }
+      - {src: "{{ sensu_ssl_client_cert }}", dest: cert.pem , perm: "0640" }
       - {src: "{{ sensu_ssl_client_key }}" , dest: key.pem  , perm: "0640" }
     notify: restart sensu-client service
     when: sensu_ssl_manage_certs