I also had some strange problems with apache 2.0.44 on solaris 9, it
turned out to be that the module automatically uses conf/ssl.conf (which I
didn't expect). So my suggestion is that you should add all the ssl
configuration in this file only.
Carlos
> Dear all,
>
> first the properties of my box: Solaris 7 (hence no /dev/random) and gcc 3.0.1.
> I compiled Apache 2.0.44 with the following options:
>
> ./configure --prefix=/usr/local/apache-2.0.44-ssl --enable-info --enable-ssl \
> --with-egd=/var/adm/entropy
>
> My SSL is 0.9.7a, and /var/adm/entropy is a socket serviced by PRNG (I tested it
> with egc.pl and it delivers the desired data, but this is not the problem)
>
> When I try to start the server error_log writes:
> [Thu Feb 27 13:24:41 2003] [info] Init: Initializing OpenSSL library
> [Thu Feb 27 13:24:41 2003] [info] Init: Seeding PRNG with 0 bytes of entropy
> [Thu Feb 27 13:24:41 2003] [warn] Init: PRNG still contains insufficient entropy!
> [Thu Feb 27 13:24:41 2003] [info] Init: Generating temporary RSA private keys
> (512/1024 bits)
> [Thu Feb 27 13:24:41 2003] [error] Init: Failed to generate temporary 512 bit RSA
> private key
> Configuration Failed
>
> The relevant portions of my httpd.conf:
> <IfModule mod_ssl.c>
> Include conf/test-ssl.conf
> </IfModule>
>
> And in test-ssl.conf:
> SSLRandomSeed startup builtin
> SSLRandomSeed startup egd:/var/adm/entropy 512
> SSLRandomSeed connect builtin
> SSLRandomSeed connect egd:/var/adm/entropy 512
>
> The rest is more or less standard. Whatever I write into test-ssl.conf the error
> message shown above comes again. Even if I comment out SSL in httpd.conf:
> #<IfModule mod_ssl.c>
> # Include conf/test-ssl.conf
> #</IfModule>
>
> the same message appears. A truss on the process (with or without outcommented
> mod_ssl.c) yields the same:
>
> 14566: open("/dev/urandom", O_RDONLY|O_NONBLOCK|O_NOCTTY) Err#2 ENOENT
> 14566: open("/dev/random", O_RDONLY|O_NONBLOCK|O_NOCTTY) Err#2 ENOENT
> 14566: open("/dev/srandom", O_RDONLY|O_NONBLOCK|O_NOCTTY) Err#2 ENOENT
>
> What is happening here? My Solaris box has none of these /dev/*random, but
> why are they called when I a) specify /var/adm/entropy and b) even when
> I don't want to start SSL at all?
>
>
> Thank a lot in advance for your input,
> Beat
> --
> Beat M�ller
> Institut f�r Elektronik
> ETH Z�rich - Schweiz
> [EMAIL PROTECTED]
> ______________________________________________________________________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
>
--
Doubt is a not a pleasant mental state, but certainty is a ridiculous one.
-- Voltaire
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
