The permission attributes (you can usually just refer to the last 3 numbers) work like so:
000
---
|||
||+- World permissions (everyone)
|+- Group permissions
+- Owner (user) permissions
So when you say your setup is:
That means that the user root has read (4) access, the group root has read (4) access, and everyone else had read (4) access.
Suggest you read up further on Unix file permissions, here’s a good overview. My previous post should suit your objectives, though, and Caddy will naturally handle permissions itself once it’s managing certificates via ACME.