from Terry :
Go to this link http://www.cosy.sbg.ac.at/~andi/ and pick up the version
0.3 file. When you compile and install it a /dev/random and /dev/urandom
will be created. Works great, use it on all our systems with SSL on them.
Later,
Terry
Phil Mills wrote:
> This is a slightly different situation, but I suspect the underlying
> issue is the same :
>
> I am using Solaris 2.6, OpenSSL 0.9.5a, ModSSL 2.6.6 & Apache 1.3.12.
>
> On Solaris 2.6, there is neither a /dev/urandom nor a /dev/random by
> default. As suggested in comments on the FAQ lists, I installed the
> Solaris patch 105710-01 and now have a /dev/random. BUT ... I was
> still getting run-time errors (PRNG not seeded) when running 'make
> certificate' in the Apache directory.
>
> I noticed that in the OpenSSL directory, there's a header file e_os.h
> which #defines DEVRANDOM to be "/dev/urandom". I have changed this to
> "/dev/random", rebuilt, and my 'make certificate' goes through now.
> Does anybody concur that this was a good thing to do ?
>
> What my (and I guess, Massimo's) question is : what's the recommended
> alternative to /dev/urandom and what's the recommended way of using
> it (e.g. do we need to set RANDFILE to anything) ?
>
> BTW, does anybody know what you do for Solaris 7 & 8 ?
>
> Phil Mills
> QSP Net Products Development
>
> -----Original Message-----
> From: Sassi Massimo [mailto:[EMAIL PROTECTED]]
> Sent: 01 September 2000 09:54
> To: '[EMAIL PROTECTED]'
> Subject: Init: Failed to generate private key Error on HP-UX system
>
> I've compiled and installed mod_ssl-2.4.10-1.3.9, open_ssl-0.9.5a and
> Apache-1.3.9 on an machine with the following OS: HP-UX 10.20.
>
> But after the successfull installation Apache is unable to start, via
> the "apachectl startssl" or the regular "apachectl start" commands.
> I see the following entry in the error_log:
> [error] mod_ssl: Init: Failed to generate temporary 512 bit RSA
> private key.
>
> >From the mailing list I've Known that this is a regular problem and I
> understand that it's possible to resolve it by means of SSLRandomSeed
> directives in httpd.conf. Is this correct ?
> On systems without /dev/urandom (and HP-UX is one of this) the problem
> is to generate a "randomness device".
>
> Has anyone else encountered this error, and if so, could you give me a
> step by step procedure about how to resolve it? Many thanks in advance.
>
> Massimo Sassi
> _______________________________________
> Massimo Sassi
>
> CSELT S.p.A.
> TELECOM ITALIA GROUP
>
> Data Network and Service Management
>
> e-mail: [EMAIL PROTECTED]
> _________________________________________
>
> ______________________________________________________________________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
> ______________________________________________________________________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
