Thanks *Jon *for openssl command confirmation.
*@ylavik*,
Its linux OS and openssl version is 1.1.1k-fips. I not yet explored
with SSLRandomSeed changes.
Yes, we upgraded openssl few months back to 1.1.1k, but we are seeing
this httpd hangs issue from last month.
*@otis Dewitt*, Since its production code in systems, I cant install
haveged and try it out.
On Thu, Sep 23, 2021 at 4:57 AM Otis Dewitt - NOAA Affiliate
<otis.dew...@noaa.gov.invalid> wrote:
>
> I don't think "insufficient entropy" has anything to do with Apache, but
> you could try installing "haveged" rpm.
> That may solve your problem.
>
> On Wed, Sep 22, 2021 at 2:11 PM alchemist vk <alchemist...@gmail.com>
> wrote:
>
>> Hi All,
>> We are using httpd version 2.4.46 and its working fine for a long time.
>> But recently, we started seeing an issue where apache hangs indefinitely
>> even when the system is in idle state.
>> And when apache hangs, I see below entries in error_log:
>> [Tue Sep 21 22:05:53.243013 2021] [ssl:warn] [pid 5769:tid 2644435888]
>> AH01990: Server: PRNG still contains insufficient entropy!
>> [Tue Sep 21 22:05:54.501476 2021] [ssl:warn] [pid 5769:tid 2787111856]
>> AH01990: Server: PRNG still contains insufficient entropy!
>> [Tue Sep 21 22:05:54.502449 2021] [ssl:warn] [pid 5769:tid 2787111856]
>> AH01990: Server: PRNG still contains insufficient entropy!
>> ...
>> ....
>> ....
>>
>> I am pretty sure, we not changed anything related to httpd config for
>> quite a time time and have no idea, why this issue started getting
>> manifested now.
>> Please help me how to RC this and what logs can be looked to debug
>> further?
>>
>> PS: Occurence of issue is more in systems where FIPS is enabled. In FIPS
>> disabled systems, occurrence is less.
>>
>> With Regards
>> Venkat
>>
>>
>>
>>
>>
