Thanks *Jon *for openssl command confirmation. *@ylavik*, Its linux OS and openssl version is 1.1.1k-fips. I not yet explored with SSLRandomSeed changes. Yes, we upgraded openssl few months back to 1.1.1k, but we are seeing this httpd hangs issue from last month.
*@otis Dewitt*, Since its production code in systems, I cant install haveged and try it out. On Thu, Sep 23, 2021 at 4:57 AM Otis Dewitt - NOAA Affiliate <otis.dew...@noaa.gov.invalid> wrote: > > I don't think "insufficient entropy" has anything to do with Apache, but > you could try installing "haveged" rpm. > That may solve your problem. > > On Wed, Sep 22, 2021 at 2:11 PM alchemist vk <alchemist...@gmail.com> > wrote: > >> Hi All, >> We are using httpd version 2.4.46 and its working fine for a long time. >> But recently, we started seeing an issue where apache hangs indefinitely >> even when the system is in idle state. >> And when apache hangs, I see below entries in error_log: >> [Tue Sep 21 22:05:53.243013 2021] [ssl:warn] [pid 5769:tid 2644435888] >> AH01990: Server: PRNG still contains insufficient entropy! >> [Tue Sep 21 22:05:54.501476 2021] [ssl:warn] [pid 5769:tid 2787111856] >> AH01990: Server: PRNG still contains insufficient entropy! >> [Tue Sep 21 22:05:54.502449 2021] [ssl:warn] [pid 5769:tid 2787111856] >> AH01990: Server: PRNG still contains insufficient entropy! >> ... >> .... >> .... >> >> I am pretty sure, we not changed anything related to httpd config for >> quite a time time and have no idea, why this issue started getting >> manifested now. >> Please help me how to RC this and what logs can be looked to debug >> further? >> >> PS: Occurence of issue is more in systems where FIPS is enabled. In FIPS >> disabled systems, occurrence is less. >> >> With Regards >> Venkat >> >> >> >> >>