diff --git a/backend/scripts/fixCertPermissions.sh b/backend/scripts/fixCertPermissions.sh
index d619c59..7b02a27 100755
--- a/backend/scripts/fixCertPermissions.sh
+++ b/backend/scripts/fixCertPermissions.sh
@@ -47,27 +47,28 @@ echo "📜 Setze Berechtigungen für Zertifikate..." sudo chgrp -R "$CERT_GROUP" "$CERT_DIR" # Setze Berechtigungen: Owner (root) kann lesen/schreiben, Gruppe kann lesen -sudo chmod 640 "$CERT_DIR/privkey.pem" -sudo chmod 644 "$CERT_DIR/fullchain.pem" -sudo chmod 644 "$CERT_DIR/cert.pem" -sudo chmod 644 "$CERT_DIR/chain.pem" +# WICHTIG: Verwende find, um auch die Symlinks zu behandeln +sudo find "$CERT_DIR" -name "privkey.pem" -exec chmod 640 {} \; +sudo find "$CERT_DIR" -name "fullchain.pem" -exec chmod 644 {} \; +sudo find "$CERT_DIR" -name "cert.pem" -exec chmod 644 {} \; +sudo find "$CERT_DIR" -name "chain.pem" -exec chmod 644 {} \; # Setze auch für das archive-Verzeichnis (wo die Symlinks hinzeigen) ARCHIVE_DIR="/etc/letsencrypt/archive/tt-tagebuch.de" -if [ -d "$ARCHIVE_DIR" ]; then +if sudo test -d "$ARCHIVE_DIR"; then + echo "📜 Setze Berechtigungen für archive-Verzeichnis..." sudo chgrp -R "$CERT_GROUP" "$ARCHIVE_DIR" - sudo chmod 640 "$ARCHIVE_DIR/privkey*.pem" - sudo chmod 644 "$ARCHIVE_DIR/fullchain*.pem" - sudo chmod 644 "$ARCHIVE_DIR/cert*.pem" - sudo chmod 644 "$ARCHIVE_DIR/chain*.pem" + sudo find "$ARCHIVE_DIR" -name "privkey*.pem" -exec chmod 640 {} \; + sudo find "$ARCHIVE_DIR" -name "fullchain*.pem" -exec chmod 644 {} \; + sudo find "$ARCHIVE_DIR" -name "cert*.pem" -exec chmod 644 {} \; + sudo find "$ARCHIVE_DIR" -name "chain*.pem" -exec chmod 644 {} \; fi echo "✅ Berechtigungen gesetzt!" echo "" -echo "⚠️ WICHTIG: Der Service muss neu gestartet werden, damit die Gruppenänderung wirksam wird:" -echo " sudo systemctl restart tt-tagebuch" -echo "" echo "📋 Prüfe Berechtigungen:" sudo ls -la "$CERT_DIR/privkey.pem" sudo ls -la "$CERT_DIR/fullchain.pem" - +echo "" +echo "⚠️ WICHTIG: Der Service muss neu gestartet werden, damit die Gruppenänderung wirksam wird:" +echo " sudo systemctl restart tt-tagebuch"
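Review bot: The new `find … -exec chmod … {} \;` lines cannot fail visibly: when nothing matches, find does nothing, and with the `\;` terminator a failing chmod does not change find's exit status, so "✅ Berechtigungen gesetzt!" is printed even if the private key's mode was never changed. Since the script exists to restrict access to `privkey*.pem`, I would use the `+` terminator so a chmod failure propagates, and bound the archive search, e.g. `sudo find "$ARCHIVE_DIR" -maxdepth 1 -type f -name "privkey*.pem" -exec chmod 640 {} +`; chmod run as root follows symlinks, so an unbounded recursive match by name reaches further than needed. The closing `sudo ls -la "$CERT_DIR/privkey.pem"` check probably shows only the symlink's own mode if, as the comments imply, `$CERT_DIR` holds links into the archive; `ls -laL` would show the key file that was actually changed. Whether the script runs under `set -e` is not visible in this hunk, and the definition of `$CERT_DIR` is outside it.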