Hi folks,
I am curently updating all my apache server to the newest version of
apache/mod_ssl/openssl, at
least I tried until I found the solution.
I get an error when starting the freshly compiled apache 1.3.27 with
config from 1.3.26:
[Fri Nov 22 11:56:43 2002] [error] mod_ssl: Init: Failed to generate
temporary 5
12 bit RSA private key (OpenSSL library error follows)
[Fri Nov 22 11:56:43 2002] [error] OpenSSL: error:24064064:random number
generat
or:SSLEAY_RAND_BYTES:PRNG not seeded
[Fri Nov 22 11:56:43 2002] [error] OpenSSL: error:04069003:rsa
routines:RSA_gene
rate_key:BN lib
I know this is because under Solaris<9 there is no /dev/(u)random. So I
use the prngd
daemon by Lutz Jaenicke since ever.
My working configuration in httpd.conf from version 1.3.26/2.8.10 is:
SSLRandomSeed startup egd:/etc/egd-pool
SSLRandomSeed connect egd:/etc/egd-pool
But this does not work with 1.3.27/2.8.12 obviously.
The solution is appendig the bytes you wish to get from prngd:
SSLRandomSeed startup egd:/etc/egd-pool 512
SSLRandomSeed connect egd:/etc/egd-pool 512
As far as I searched this is not documented. Please can anyone insert
this into
the documentation chapter 3?
Thanks and regards
Alex Kuehne
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
