On 6 Jun 2001, at 21:21, Mads Toftum wrote:
> On Wed, Jun 06, 2001 at 07:43:21PM +0200, Michael Middleton wrote:
> > I have successfully compiled ModSSL with OpenSSL and Apache a number of
> > times without problems, the last time with
> >
> > Apache/1.3.19
> > mod_ssl/2.8.2 and
> > OpenSSL/0.9.6a
> >
> > It worked fine on a Sun Solaris 2.8 (gcc 2.95.2)
> >
> > But when I compiled it on a similar machine I cound not start Apache
> > with SSL. SSL Log:
[...]
> Read the FAQ: http://www.modssl.org/docs/2.8/ssl_faq.html#entropy
> and http://www.openssl.org/support/faq.html#USER1
>
Naturally I read the FAQs. (I should have mentioned it in my previous
posting.)
The OpenSSL-FAQ describes what the OpenSSL command line tools do and says
that random seeding is the resposibility of the application.
The mod_ssl FAQ describes the problem. I have also seen that the "make
certificate" procedure goes to a lot of trouble to generate enough
entropy. What this FAQ does not say, and what I'd like to know is: where
does Apache get its entopy?
Mike Middleton
-------------------------------------------------------------
Michael Middleton
RZ der Universitaet Regensburg
93040 REGENSBURG Tel: +49-941/943-4890
F R Germany
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
