On Wed, Apr 26, 2000 at 02:12:52PM -0600, Ramon Alvarez Rayo wrote:
> hello, i had installed apache-ssl and openssl.0-9-5a but when i tried to do
> make certificate
> the process fail, i read the faq and install egd-0.7 but i have problem
> using egd with openssl.
>
> does anyone have a guide to integrate openssl and egd or tellme how use egd
> with openssl because i not understand it.
EGD support is built into OpenSSL. Whenever you need to create a
cryptographically secure random number, you must pass the name of the
EGD socket to the openssl command.
So in order to generate a RSA key, you use the command
openssl genrsa -rand /name/of/egd/socket -out name_of_key.pem [more options]
There is just one (not really minor) nit. The "req" command does not
support the "-rand" option, so that you cannot use "openssl req -newreq"
with EGD. You must use the sequence
openssl genrsa -rand /name/of/egd/socket -out name_of_key.pem [more options].
openssl req -key name_of_key.pem [more options]
Alternatively you can create a set of random data and generate a random
seed file, which is automatically used by all openssl commands:
openssl rand -rand /name/of/edg/socket -out $HOME/.rnd
Regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
