Hello, i've not digged through the whole openssl source yet - but it seems to me that the recent Debian Issue with the ssleay_rand_add method here http://svn.debian.org/viewsvn/pkg-openssl/openssl/trunk/rand/md_rand.c?rev=141&view=diff&r1=141&r2=140&p1=openssl/trunk/rand/md_rand.c&p2=/openssl/trunk/rand/md_rand.c
does not affect the command line tool when called with openssl req -config $MY_CONFIG -noout -x509 -newkey rsa:$MY_KEY_LENGTH (in contrast to openssl genrsa) where in $CONFIG *no* RANDFILE is defined. AFAIK the method in question is never called from the request command line utility. And by default - the /root/.rnd or $HOME/.rnd file is always used if no RANDFILE is given. Anyone can answer this? Thanks ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]