- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Apache, Open-ssl "PRNG not seeded" when making cer...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-05-2002 11:18 AM
тАО04-05-2002 11:18 AM
13909:error:24064064:random number generator:SSLEAY_RAND_BYTES:PRNG not seeded:md_rand.c:501:You need to read the OpenSSL FAQ, http://www.openssl.org/support/faq.html
13909:error:04069003:rsa routines:RSA_generate_key:BN lib:rsa_gen.c:182:
In looking at the above URL in the error message, I was led to this page:
http://www.apache-ssl.org/docs.html#SSLRandomFile
Which gives this example:
SSLRandomFile file /dev/urandom 1024
I can't figure out what that means or what I'm supposed to do with it. I've changed a line in the Configuration file from:
Rule DEV_RANDOM=default
to
Rule DEV_RANDOM=truerand
But still cannot make the certificate. The /dev/urandom device (nor /dev/random) exist on this box.
Solved! Go to Solution.
- Tags:
- Apache
- certificate
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-05-2002 11:24 AM
тАО04-05-2002 11:24 AM
Re: Apache, Open-ssl "PRNG not seeded" when making certificate,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-05-2002 11:27 AM
тАО04-05-2002 11:27 AM
Re: Apache, Open-ssl "PRNG not seeded" when making certificate,
This earlier thread might help:
http://forums.itrc.hp.com/cm/QuestionAnswer/1,,0x05c50bce6f33d6118fff0090279cd0f9,00.html
HTH,
Jeff
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-05-2002 11:34 AM
тАО04-05-2002 11:34 AM
Re: Apache, Open-ssl "PRNG not seeded" when making certificate,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-05-2002 11:38 AM
тАО04-05-2002 11:38 AM
Re: Apache, Open-ssl "PRNG not seeded" when making certificate,
I created my own certicate using the following process.
#cd /opt/apache/ssl
#./openssl req -new -keyout myprivate.key -out mypublic.csr
Answer few questions here...
#./openssl rsa -in myprivate.key -out my.cert.key
#./openssl x509 -in mypublic.csr -out my.cert.cert -req -signkey my.cert.key -d
ays 365
This worked for me.
-Sri
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-05-2002 11:44 AM
тАО04-05-2002 11:44 AM
Re: Apache, Open-ssl "PRNG not seeded" when making certificate,
Well, w/o /dev/random ( as almost all other flavors have) we HPers are stuck with random(3m) which of course is ueseless cryptographically.
Good luck - I suggest you call/write the Apache folks & gently remind them you're installing on HP-UX & ask them what the heck you're supposed to do w/o a /dev/random?
Rgds,
Jeff
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-05-2002 11:49 AM
тАО04-05-2002 11:49 AM
Re: Apache, Open-ssl "PRNG not seeded" when making certificate,
Sri,
When I try what was successful for you I get the same error:
./openssl req -new -keyout myprivate.key -out mypublic.csr
Using configuration from /usr/local/ssl/openssl.cnf
unable to load 'random state'
This means that the random number generator has not been seeded
with much random data.
Generating a 1024 bit RSA private key
14805:error:24064064:random number generator:SSLEAY_RAND_BYTES:PRNG not seeded:md_rand.c:501:You need to read the OpenSSL FAQ, http://www.openssl.org/support/faq.html
14805:error:04069003:rsa routines:RSA_generate_key:BN lib:rsa_gen.c:182:
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-05-2002 12:22 PM
тАО04-05-2002 12:22 PM
SolutionSorry I didn't read your message clearly. I knew I had this problem as on HP you don't have /dev/random. There is a work around for it if I remember correctly, it will initialize a .rnd file in root's home.
Take three more test files and compress them. You can use files like /var/adm/sw/swagent.log etc.,
Use the command
#openssl genrsa -des3 -rand file1.Z:file2.Z:file3.Z -out my.key 1024.
After generating the key, verify if you have the file .rnd in your home directory. You should not get this error from then onwards.
-Sri
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-07-2002 11:56 AM
тАО04-07-2002 11:56 AM