Updated how about the private key access modes, chmod, or chown or umask (markdown)

how-about-the-private-key-access-modes,--chmod,-or-chown-or-umask.md

@@ -10,9 +10,9 @@ Ok, let me give a longer answer:
 2. When you use `--install-cert` command to **copy** the cert to the target locations,  we use `cat keyfile > target_key_file` pattern, in which the target file permission is not changed, and you only need **write** permission to the target file.
 Yes, if the target file doesn't exist for the first time,  it will be created with your default *umask*, which is **umask 022** in most of the unix/linux systems.  In this case, somebody else *may* read your private key file.  But you can change the file mode manually, `chmod 700 target_key_file`. 
 The reason why we don't change the file mode is:  
-  1. `chmod` may have different support crossing different platforms.  
-  2. We respect the users choice most. We trust you more than ourselves.  you can change the file modes manually, you know your system best. We respect your choice.
-  3. There may cause problems if running as root, for example, when running as root, and we default to change the mode to `700` for the private key file,  the apache server is commonly running as user `www-data`, it can not read your private key. nginx server has the same problem.  Which could cause the normal uses confused.
+    1. `chmod` may have different support crossing different platforms.  
+    2. We respect the users choice most. We trust you more than ourselves.  you can change the file modes manually, you know your system best. We respect your choice.
+    3. There may cause problems if running as root, for example, when running as root, and we default to change the mode to `700` for the private key file,  the apache server is commonly running as user `www-data`, it can not read your private key. nginx server has the same problem.  Which could cause the normal uses confused.
 
 
 So, doing more doesn't mean doing better.   Less is more.