Greetings folks! This is my first submission to a open developers group so my apologies if the format offends anyone. Some technical background: The server is an IBM RS/6000 (type: 7043-140) The O/S is AIX 4.3.3 plus patches to get Oracle 8.1.7 running. The C compiler is IBM's C for AIX version 4.4.0 with the 4.4.0.3 patch applied. Over the past weekend I downloaded openssl-0.9.6a and was going to try to use it with Apache for the first time. The code downloaded, compiled and installed with no problem. I was trying out some of the functions and encountered an error when I ran "genrsa". The following is the error message: OpenSSL> genrsa warning, not much extra random data, consider using the -rand option Generating RSA private key, 512 bit long modulus 20340:error:24064064:random number generator:SSLEAY_RAND_BYTES:PRNG not seeded:md_rand.c:474:You need to read the OpenSSL FAQ, http://www.openssl.org/support/faq.html 20340:error:04069003:rsa routines:RSA_generate_key:BN lib:rsa_gen.c:182:error in genrsa Since the error message was specific I thought I'd take a look at the indicated module (../openssl-0.9.6a/crypto/rand/md_rand.c). It seems that the variable "ok" was set to zero. Working my way down the function I found "ok = (entropy >= ENTROPY_NEEDED);" The following statement checked the value of "ok". I noticed that the if statement didn't modify "ok" back to one. I added "ok=1;" after line 378 and things seemed to work okay. After this I built Apache with mod_ssl and everything seemed to work. My question is: "is the above code change solve the problem or did I just solve a symptom?". Thanks Mike Hynds Allina Health System ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
