Hi,
I am trying to sign a root certificate using a DSA key:
I am using Windows 2000 and openssl 0.95a issuing the following commands:
openssl dsaparam -out dsa.cnf 1024
openssl req -newkey dsa:dsa.cnf -keyout root.key
-newkey within the same command didn't work. It issued a RSA certificate.
openssl req -new -out root.ca -key root.key -config openssl.cnf -x509
I do get the following error:
312:error:24064064:random number generator:SSLEAY_RAND_BYTES:prng not
seeded:.\crypto\rand\md_rand.c:470:
312:error:0A06B003::lib(10) :DSA_sign_setup:BN
lib:.\crypto\dsa\dsa_ossl.c:214:
312:error:0A070003::lib(10) :DSA_do_sign:BN lib:.\crypto\dsa\dsa_ossl.c:152:
312:error:0D072006:asn1 encoding routines:ASN1_sign:bad get asn1 object
call:.\crypto\asn1\a_sign.c:129:
I think this is an error due to not being seeded. Specifing a random file in
openssl.cnf or putting .rnd in the current directory didn't work either.
Hints or patches are welcome.
Thanks,
Florian Kerschbaum
P.S. Good work OpenSSL team !
Disclaimer: All opinions expressed in this e-mail or my own and do not
officially represent my current employer.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
