diff --git a/.vib/harbor-adapter-trivy/goss/harbor-adapter-trivy.yaml b/.vib/harbor-adapter-trivy/goss/harbor-adapter-trivy.yaml
index 67d1ed6b25ef5..8f4f4c1c24ae0 100644
--- a/.vib/harbor-adapter-trivy/goss/harbor-adapter-trivy.yaml
+++ b/.vib/harbor-adapter-trivy/goss/harbor-adapter-trivy.yaml
@@ -25,5 +25,5 @@ command:
 exit-status: 0
 # Ensure permissions for Internal TLS
 check-permissions-system-certs:
- exec: ls -l /etc/pki/tls/certs/ca-bundle.crt /etc/pki/tls/certs/ca-bundle.trust.crt /etc/ssl/certs/ca-certificates.crt 2>/dev/null | grep ".*-rw-rw-r--"
+ exec: ls -l /etc/pki/tls/certs/ca-bundle.crt /etc/pki/tls/certs/ca-bundle.trust.crt /etc/ssl/certs/ca-certificates.crt 2>/dev/null | grep "^.\{5\}w.*harbor"
 exit-status: 0
diff --git a/.vib/harbor-core/goss/harbor-core.yaml b/.vib/harbor-core/goss/harbor-core.yaml
index 8bd0fdd0be116..589e7a7d0e231 100644
--- a/.vib/harbor-core/goss/harbor-core.yaml
+++ b/.vib/harbor-core/goss/harbor-core.yaml
@@ -35,5 +35,5 @@ file:
 command:
 # Ensure permissions for Internal TLS
 check-permissions-system-certs:
- exec: ls -l /etc/pki/tls/certs/ca-bundle.crt /etc/pki/tls/certs/ca-bundle.trust.crt /etc/ssl/certs/ca-certificates.crt 2>/dev/null | grep ".*-rw-rw-r--"
- exit-status: 0
\ No newline at end of file
+ exec: ls -l /etc/pki/tls/certs/ca-bundle.crt /etc/pki/tls/certs/ca-bundle.trust.crt /etc/ssl/certs/ca-certificates.crt 2>/dev/null | grep "^.\{5\}w.*harbor"
+ exit-status: 0
diff --git a/.vib/harbor-exporter/goss/harbor-exporter.yaml b/.vib/harbor-exporter/goss/harbor-exporter.yaml
index 9af89565fb32f..475188c7ab509 100644
--- a/.vib/harbor-exporter/goss/harbor-exporter.yaml
+++ b/.vib/harbor-exporter/goss/harbor-exporter.yaml
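Review bot: The new pattern `^.\{5\}w.*harbor` in `check-permissions-system-certs` (harbor-adapter-trivy, and identically in the harbor-core, harbor-exporter, harbor-jobservice, harbor-notary-server, harbor-portal, harbor-registry and harbor-registryctl hunks) asserts only the group-write bit plus the string `harbor` later on the line. The "other" permission bits that the old `-rw-rw-r--` match pinned are no longer tested, so a world-writable CA trust bundle would pass this check. If the relaxation is only meant to tolerate differing read or execute bits, keep the other-write position fixed, e.g. `grep "^.\{5\}w.\{2\}-.*harbor"`. Separately, `2>/dev/null` hides missing paths and grep exits 0 on a single matching line, so the check passes when just one of the three bundle files qualifies; if that is intended, the comment above the check should say so, e.g. `# At least one system CA bundle must be group-writable by harbor`.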
@@ -22,5 +22,5 @@ command:
 exit-status: 0
 # Ensure permissions for Internal TLS
 check-permissions-system-certs:
- exec: ls -l /etc/pki/tls/certs/ca-bundle.crt /etc/pki/tls/certs/ca-bundle.trust.crt /etc/ssl/certs/ca-certificates.crt 2>/dev/null | grep ".*-rw-rw-r--"
+ exec: ls -l /etc/pki/tls/certs/ca-bundle.crt /etc/pki/tls/certs/ca-bundle.trust.crt /etc/ssl/certs/ca-certificates.crt 2>/dev/null | grep "^.\{5\}w.*harbor"
 exit-status: 0
diff --git a/.vib/harbor-jobservice/goss/harbor-jobservice.yaml b/.vib/harbor-jobservice/goss/harbor-jobservice.yaml
index 637c980e2f49a..95e0c5a61e6f6 100644
--- a/.vib/harbor-jobservice/goss/harbor-jobservice.yaml
+++ b/.vib/harbor-jobservice/goss/harbor-jobservice.yaml
@@ -22,5 +22,5 @@ command:
 exit-status: 0
 # Ensure permissions for Internal TLS
 check-permissions-system-certs:
- exec: ls -l /etc/pki/tls/certs/ca-bundle.crt /etc/pki/tls/certs/ca-bundle.trust.crt /etc/ssl/certs/ca-certificates.crt 2>/dev/null | grep ".*-rw-rw-r--"
- exit-status: 0
\ No newline at end of file
+ exec: ls -l /etc/pki/tls/certs/ca-bundle.crt /etc/pki/tls/certs/ca-bundle.trust.crt /etc/ssl/certs/ca-certificates.crt 2>/dev/null | grep "^.\{5\}w.*harbor"
+ exit-status: 0
diff --git a/.vib/harbor-notary-server/goss/harbor-notary-server.yaml b/.vib/harbor-notary-server/goss/harbor-notary-server.yaml
index 4f5b733d58d71..8b9b3547c7f71 100644
--- a/.vib/harbor-notary-server/goss/harbor-notary-server.yaml
+++ b/.vib/harbor-notary-server/goss/harbor-notary-server.yaml
@@ -16,7 +16,7 @@ file:
 command:
 # Ensure permissions for Internal TLS
 check-permissions-system-certs:
- exec: ls -l /etc/pki/tls/certs/ca-bundle.crt /etc/pki/tls/certs/ca-bundle.trust.crt /etc/ssl/certs/ca-certificates.crt 2>/dev/null | grep ".*-rw-rw-r--"
+ exec: ls -l /etc/pki/tls/certs/ca-bundle.crt /etc/pki/tls/certs/ca-bundle.trust.crt /etc/ssl/certs/ca-certificates.crt 2>/dev/null | grep "^.\{5\}w.*harbor"
 exit-status: 0
 check-notary-server-binary:
 exec: notary-server -h
diff --git a/.vib/harbor-portal/goss/harbor-portal.yaml b/.vib/harbor-portal/goss/harbor-portal.yaml
index a290ff46b6a06..cf50790d2dc19 100644
--- a/.vib/harbor-portal/goss/harbor-portal.yaml
+++ b/.vib/harbor-portal/goss/harbor-portal.yaml
@@ -23,9 +23,9 @@ file:
 command:
 # Ensure permissions for Internal TLS
 check-permissions-system-certs:
- exec: ls -l /etc/pki/tls/certs/ca-bundle.crt /etc/pki/tls/certs/ca-bundle.trust.crt /etc/ssl/certs/ca-certificates.crt 2>/dev/null | grep ".*-rw-rw-r--.*harbor"
+ exec: ls -l /etc/pki/tls/certs/ca-bundle.crt /etc/pki/tls/certs/ca-bundle.trust.crt /etc/ssl/certs/ca-certificates.crt 2>/dev/null | grep "^.\{5\}w.*harbor"
 exit-status: 0
 # Ensure a set of directories exist and the non-root user has write privileges to them
 check-directories-exist-with-user:
 exec: ls -dl /etc/ssl/certs /etc/pki/tls/certs/ 2>/dev/null | grep "drwxrwxr-x.*harbor"
- exit-status: 0
\ No newline at end of file
+ exit-status: 0
diff --git a/.vib/harbor-registry/goss/harbor-registry.yaml b/.vib/harbor-registry/goss/harbor-registry.yaml
index 1ea5625bcefe8..5c09657e73edb 100644
--- a/.vib/harbor-registry/goss/harbor-registry.yaml
+++ b/.vib/harbor-registry/goss/harbor-registry.yaml
@@ -29,5 +29,5 @@ command:
 exit-status: 0
 # Ensure permissions for Internal TLS
 check-permissions-system-certs:
- exec: ls -l /etc/pki/tls/certs/ca-bundle.crt /etc/pki/tls/certs/ca-bundle.trust.crt /etc/ssl/certs/ca-certificates.crt 2>/dev/null | grep ".*-rw-rw-r--.*harbor"
- exit-status: 0
\ No newline at end of file
+ exec: ls -l /etc/pki/tls/certs/ca-bundle.crt /etc/pki/tls/certs/ca-bundle.trust.crt /etc/ssl/certs/ca-certificates.crt 2>/dev/null | grep "^.\{5\}w.*harbor"
+ exit-status: 0
diff --git a/.vib/harbor-registryctl/goss/harbor-registryctl.yaml b/.vib/harbor-registryctl/goss/harbor-registryctl.yaml
index a2f041d10117d..674b73e873288 100644
--- a/.vib/harbor-registryctl/goss/harbor-registryctl.yaml
+++ b/.vib/harbor-registryctl/goss/harbor-registryctl.yaml
@@ -27,8 +27,8 @@ command:
 exit-status: 0
 # Ensure permissions for Internal TLS
 check-permissions-system-certs:
- exec: ls -l /etc/pki/tls/certs/ca-bundle.crt /etc/pki/tls/certs/ca-bundle.trust.crt /etc/ssl/certs/ca-certificates.crt 2>/dev/null | grep ".*-rw-rw-r--.*harbor"
+ exec: ls -l /etc/pki/tls/certs/ca-bundle.crt /etc/pki/tls/certs/ca-bundle.trust.crt /etc/ssl/certs/ca-certificates.crt 2>/dev/null | grep "^.\{5\}w.*harbor"
 exit-status: 0
 check-harbor-registryctl-binary:
 exec: harbor_registryctl --help
- exit-status: 0
\ No newline at end of file
+ exit-status: 0