On Thu, 9 Mar 2000, Theodore Hope wrote: > I just build OpenSSL 0.9.5, standard, on Solaris (SunOS) 5.6. > When I run "openssl s_client -connect www.foo.bar:443" I get this: > > unable to load 'random state' > This means that the random number generator has not been seeded > with much random data. > Consider setting the RANDFILE environment variable to point at a file that > 'random' data can be kept in (the file will be overwritten). > connect: Connection refused > connect:errno=146 > error in s_client > > On BSD machines this doesn't happen (I guess it guesses correctly that > it can use /dev/urandom or something?). I know I can set the RANDFILE env > variable to something; what are other Solaris users using? Hey, a "me too" here. This makes sense, now. I put 0.9.5 on Solars 2.6 and 7, and IRIX 6.5, and with Crypt::SSLeay net_ssl_test, I got errors. On my Linux box, I did not (which has /dev/*random). I got some more info, too (on IRIX): unable to load 'random state' This means that the random number generator has not been seeded with much random data. Consider setting the RANDFILE environment variable to point at a file that 'random' data can be kept in (the file will be overwritten). CONNECTED(00000003) depth=1 /O=VeriSign Trust Network/OU=VeriSign, Inc./OU=VeriSign International Server CA - Class 3/OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign verify error:num=20:unable to get local issuer certificate verify return:0 44423:error:24064064:random number generator:SSLEAY_RAND_BYTES:prng not seeded:md_rand.c:470: 44423:error:05067003:Diffie-Hellman routines:DH_generate_key:BN lib:dh_key.c:148: 44423:error:14098005:SSL routines:SSL3_SEND_CLIENT_KEY_EXCHANGE:bad asn1 object header:s3_clnt.c:1403: I'm also not sure what to use for this. Don -- Don Badrak <[EMAIL PROTECTED]> 301.457.8263 work Telecommunications Office 301.457.4438 fax U.S. Bureau of the Census Suitland MD, USA ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]