On Thu, Jan 11, 2001 at 10:43:45AM +0100, [EMAIL PROTECTED] wrote:
> On Thu, Jan 11, 2001 at 10:19AM +0100, [EMAIL PROTECTED] wrote:
> > Did you think of pointing apache to the socket of your already running egd
> > in httpd.conf?
> > ...
> > SSLRandomSeed startup egd:/var/run/egd-pool
> > ...
>
> Well, I'm using /etc/entropy rather than /var/run/egd-pool, but yes, I've got
>
> SSLRandomSeed startup egd:/etc/entropy
>
> in my httpd.conf. It wouldn't have started at all without that, surely?

If you omit this statement, the OpenSSL library would still try /dev/urandom,
so it would not immediately fail.

My httpd (HP-UX) is configured as:

SSLRandomSeed startup builtin
SSLRandomSeed startup egd:/var/run/egd-pool
SSLRandomSeed connect builtin
SSLRandomSeed connect egd:/var/run/egd-pool

On startup I can read:

[03/Jan/2001 17:00:31 24413] [info] Server: Apache/1.3.14, Interface: mod_ssl/2.7.1, Library: OpenSSL/0.9.6
[03/Jan/2001 17:00:31 24413] [info] Init: 1st startup round (still not detached)
[03/Jan/2001 17:00:31 24413] [info] Init: Initializing OpenSSL library
[03/Jan/2001 17:00:31 24413] [info] Init: Loading certificate & private key of SSL-aware server www.aet.tu-cottbus.de:443
[03/Jan/2001 17:00:31 24413] [info] Init: Seeding PRNG with 391 bytes of entropy
[03/Jan/2001 17:00:31 24413] [info] Init: Generating temporary RSA private keys (512/1024 bits)
[03/Jan/2001 17:00:39 24413] [info] Init: Configuring temporary DH parameters (512/1024 bits)
[03/Jan/2001 17:00:39 24414] [info] Init: 2nd startup round (already detached)
[03/Jan/2001 17:00:39 24414] [info] Init: Reinitializing OpenSSL library
[03/Jan/2001 17:00:39 24414] [info] Init: Seeding PRNG with 391 bytes of entropy
[03/Jan/2001 17:00:39 24414] [info] Init: Configuring temporary RSA private keys (512/1024 bits)
[03/Jan/2001 17:00:39 24414] [info] Init: Configuring temporary DH parameters (512/1024 bits)
[03/Jan/2001 17:00:39 24414] [info] Init: Initializing (virtual) servers for SSL
[03/Jan/2001 17:00:39 24414] [info] Init: Configuring server www.aet.tu-cottbus.de:443 for SSL protocol

What is your "Seeding PRNG with" information?

Best regards,
     Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
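
Added example (not part of the original message and not mod_ssl code): a small Python check that answers the "Seeding PRNG with" question from the engine log, reporting per startup round how many bytes were seeded and flagging rounds that initialised OpenSSL without a usable seed. The log lines for PIDs 31002 and 31003 are constructed, and the min_bytes threshold is an assumption to be chosen by the operator.

```python
import re
from collections import OrderedDict

# Constructed sample in the format of the mod_ssl log quoted above.
# PID 24414 mirrors the thread; PIDs 31002/31003 are constructed failure cases.
SAMPLE_LOG = """\
[03/Jan/2001 17:00:39 24414] [info] Init: Reinitializing OpenSSL library
[03/Jan/2001 17:00:39 24414] [info] Init: Seeding PRNG with 391 bytes of entropy
[03/Jan/2001 17:00:39 24414] [info] Init: Configuring temporary RSA private keys (512/1024 bits)
[04/Jan/2001 09:12:02 31002] [info] Init: Initializing OpenSSL library
[04/Jan/2001 09:12:02 31002] [info] Init: Seeding PRNG with 0 bytes of entropy
[04/Jan/2001 09:12:03 31003] [info] Init: Reinitializing OpenSSL library
[04/Jan/2001 09:12:03 31003] [info] Init: Configuring temporary RSA private keys (512/1024 bits)
"""

# "[date time pid] [level] message"
LINE = re.compile(r"^\[(?P<ts>[^\]]+?) (?P<pid>\d+)\] \[(?P<level>\w+)\] (?P<msg>.*)$")
INIT = re.compile(r"Init: (?:Rei|I)nitializing OpenSSL library")
SEED = re.compile(r"Init: Seeding PRNG with (\d+) bytes of entropy")


def seeding_report(log_text, min_bytes=1):
    """Return [(pid, seeded_bytes_or_None, ok)] for each startup round.

    seeded_bytes is None when a round initialised OpenSSL but logged no
    startup seeding line. min_bytes is an operator-chosen threshold
    (an assumption of this example, not a mod_ssl or OpenSSL value).
    """
    rounds = OrderedDict()  # pid -> bytes seeded at startup, None if unseen
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # tail of a wrapped line, or a foreign format
        pid, msg = int(m.group("pid")), m.group("msg")
        if INIT.search(msg):
            rounds.setdefault(pid, None)
        seed = SEED.search(msg)
        if seed:
            rounds[pid] = int(seed.group(1))
    return [(pid, n, n is not None and n >= min_bytes) for pid, n in rounds.items()]


if __name__ == "__main__":
    for pid, n, ok in seeding_report(SAMPLE_LOG):
        status = "ok" if ok else "check SSLRandomSeed / EGD socket path"
        print(f"pid {pid}: seeded={n} -> {status}")
```

Because wrapped continuation lines are skipped, feed it the log with each entry on one line.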