RE: mod_ssl: Init: Failed to generate temporary 512 bit RSA private key
Hi. I had the same error signalation "suexec: disabled; invalid wrapper /usr/local/apache/bin/suexec" (everytime I do ./httpd -l) when I tried, in a wrong way, to add ssl module and jrun module to apache configuration. I think, but I'm not sure, that the error is inside the APACI_ARGS. I solved my problem by editing the src/Configuration uncommenting (or adding) the corresponding AddModule directive. Bye romolo -Original Message- From: Paul [mailto:[EMAIL PROTECTED]] Sent: Friday, February 09, 2001 12:54 AM To: modssl; modperl Subject: mod_ssl: Init: Failed to generate temporary 512 bit RSA private key Hi, all. I've been trying to add a couple of modules to my Apache, and just can't seem to get it to do it's thing. Forgive me if I tell you too much, but I'm just trying to be thorough. STEP 1: === perl Makefile.PL USE_APACI=1 USE_DSO=0 EVERYTHING=1 \ DO_HTTPD=1 SSL_BASE=/usr/local/ssl \ APACHE_SRC=../apache_1.3.12/src\ APACI_ARGS=--enable-module=ssl,--enable-module=auth_dbm,--enable-modul e=info,--enable-module=rewrite,--enable-module=usertrack This runs smoothly. STEP 2: make This, too, runs smoothly. == STEP 3: make test Here's the problem. It runs fine till t/TEST tries to spawn a server and hit it. The server fails at init because it can't generate a temporary 512 bit RSA private key. I've moved to the apache directory and run "make certificate" before the "make test", but it doesn't help. If I'm not mistaken, I had this problem when I was first installing the server, and ended up skipping the test. It installed and has been working fine. I'd just rather have a clean test before I try installing and using the new binary now that it's in production. Anybody got a suggestion? [ROOT] /dart26/mod_perl-1.23: uname -a HP-UX uap5 B.10.20 C 9000/891 373319211 32-user license [ROOT] /dart26/mod_perl-1.23: ../apache_1.3.12/src/httpd -V Server version: Apache/1.3.12 (Unix) Server built: Feb 8 2001 16:04:39 Server's Module Magic Number: 19990320:7 Server compiled with -D EAPI -D HAVE_SHMGET -D USE_SHMGET_SCOREBOARD -D USE_FCNTL_SERIALIZED_ACCEPT -D HTTPD_ROOT="/usr/local/apache" -D SUEXEC_BIN="/usr/local/apache/bin/suexec" -D DEFAULT_PIDLOG="logs/httpd.pid" -D DEFAULT_SCOREBOARD="logs/httpd.scoreboard" -D DEFAULT_LOCKFILE="logs/httpd.lock" -D DEFAULT_XFERLOG="logs/access_log" -D DEFAULT_ERRORLOG="logs/error_log" -D TYPES_CONFIG_FILE="conf/mime.types" -D SERVER_CONFIG_FILE="conf/httpd.conf" -D ACCESS_CONFIG_FILE="conf/access.conf" -D RESOURCE_CONFIG_FILE="conf/srm.conf" [ROOT] /dart26/mod_perl-1.23: ../apache_1.3.12/src/httpd -l Compiled-in modules: http_core.c mod_env.c mod_log_config.c mod_mime.c mod_negotiation.c mod_status.c mod_info.c mod_include.c mod_autoindex.c mod_dir.c mod_cgi.c mod_asis.c mod_imap.c mod_actions.c mod_userdir.c mod_alias.c mod_rewrite.c mod_access.c mod_auth.c mod_auth_dbm.c mod_usertrack.c mod_setenvif.c mod_ssl.c mod_perl.c suexec: disabled; invalid wrapper /usr/local/apache/bin/suexec(Also, anybody got an idea why this suexec message? is it something to worry about?) __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: mod_ssl: Init: Failed to generate temporary 512 bit RSA private key
--- Ges Seger [EMAIL PROTECTED] wrote: Paul wrote: Hi, all. I've been trying to add a couple of modules to my Apache, and just can't seem to get it to do it's thing. Forgive me if I tell you too much, but I'm just trying to be thorough. STEP 1: === perl Makefile.PL USE_APACI=1 USE_DSO=0 EVERYTHING=1 \ DO_HTTPD=1 SSL_BASE=/usr/local/ssl \ APACHE_SRC=../apache_1.3.12/src\ APACI_ARGS=--enable-module=ssl,--enable-module=auth_dbm,--enable-modul e=info,--enable-module=rewrite,--enable-module=usertrack This runs smoothly. STEP 2: make This, too, runs smoothly. == STEP 3: make test Here's the problem. It runs fine till t/TEST tries to spawn a server and hit it. The server fails at init because it can't generate a temporary 512 bit RSA private key. I've moved to the apache directory and run "make certificate" before the "make test", but it doesn't help. If I'm not mistaken, I had this problem when I was first installing the server, and ended up skipping the test. It installed and has been working fine. I'd just rather have a clean test before I try installing and using the new binary now that it's in production. Anybody got a suggestion? Recent versions of mod_ssl compiled for HPUX require an equivalent to Linux's /dev/random. You can get this by downloading and installing an Entropy Gathering Daemon (egd), which can be found at: http://www.lothar.com/tech/crypto/ I ran into the same problem last month upgrading my team's website, until trawling through various mailing list archives pointed me to egd. If 10.20 is anything like 11.x, this should get you through "make test" with flying colors. Apologies for being sort of off-topic here... Ges Senior Perl Hacker Ingenium Corporation EGD is great -- thanks for the suggestion -- but the "make test" is still no go. The OpenSSL manpage for RAND_egd (to which egd.pl docs pointed me) says if the socket is /dev/egd-pool it'll use it automatically, but it's a no-go so far. I'm at wit's end. Could it be something in the test httpd.conf? As a test I backed up the old httpd and replaced it with the new one, and it seems to be working fine. All that took less than a minute, and we're a small enough server that it was a tolerable interruption even if it hadn't worked, but I'd still like to do the install, just to update everything. Is that safe? What else does it change? __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: mod_ssl: Init: Failed to generate temporary 512 bit RSA private key
On Fri, Feb 09, 2001 at 01:04:51PM -0800, Paul wrote: EGD is great -- thanks for the suggestion -- but the "make test" is still no go. The OpenSSL manpage for RAND_egd (to which egd.pl docs pointed me) says if the socket is /dev/egd-pool it'll use it automatically, but it's a no-go so far. The automatic usage is brand new and only included in the version to become 0.9.7 one fine day. If you have =0.9.6 you have to explicitly specify the place in httpd.conf SSLRandomSeed startup egd:/var/run/egd-pool Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/ Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129 Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153 __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
[OT] make test fail [WAS mod_ssl: Init: Failed to generate temporary 512 bit RSA private key]
--- Lutz Jaenicke [EMAIL PROTECTED] wrote: On Fri, Feb 09, 2001 at 01:04:51PM -0800, Paul wrote: EGD is great -- thanks for the suggestion -- but the "make test" is still no go. The OpenSSL manpage for RAND_egd (to which egd.pl docs pointed me) says if the socket is /dev/egd-pool it'll use it automatically, but it's a no-go so far. The automatic usage is brand new and only included in the version to become 0.9.7 one fine day. If you have =0.9.6 you have to explicitly specify the place in httpd.conf SSLRandomSeed startup egd:/var/run/egd-pool First, that was exactly the problem. May you and all who contributed to its resolution receive skillfully rendered the prurient favors you prefer most from the individual(s) of your choosing. Now, I have a slightly different point of confusion. The "make test" still fails, but leaves the spawned httpd running on the test port. The error log says: [notice] Destruction-DESTROY called for $global_object [Fri Feb 9 16:29:43 2001] [warn] [notice] child_init for process 23323, report any problems to [no address given] But if I hit the port with a browser I can pull the test.shtml page with all the SSI mod_perl calls working fine. I feel a lot better about doing the install now, but I still want to know what the problem is here. FYI, there was an suexec problem before, but I think that's just because this box doesn't have a user "nobody". I edited the test httpd.conf to run as our actual server id and it was happy, at least for that. It's just that I keep coming back to various suexec problems But since the current server runs and suexec's as it should, I'm not too worried about that. I just hate leaving *any* loose ends. _ On a seperate note, the main reason I was doing the recompile was to add in mod_auth_dbm. I finally got a test directory to do a simple request for authentication by ID/password, but now I can't get it to accept my password. I built the file with Apache's dbmmanage, importing a list of id/passwords from a script which used a perl crypt() to encrypt the passwords as it fed them to dbmmanage via pipe in the specified "id:encpwd" format. Everything seems to have gone smoothly enough, but it won't accept the password. What now? :o/ The .htaccess file is: === AuthDBMUserFile /dart10/web/docs/public/test/test AuthType Basic AuthName "password test site" Require valid-user === The DBM is in the directory I'm accessing, just as a test. *sigh* __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
mod_ssl: Init: Failed to generate temporary 512 bit RSA private key
Hi, all. I've been trying to add a couple of modules to my Apache, and just can't seem to get it to do it's thing. Forgive me if I tell you too much, but I'm just trying to be thorough. STEP 1: === perl Makefile.PL USE_APACI=1 USE_DSO=0 EVERYTHING=1 \ DO_HTTPD=1 SSL_BASE=/usr/local/ssl \ APACHE_SRC=../apache_1.3.12/src\ APACI_ARGS=--enable-module=ssl,--enable-module=auth_dbm,--enable-modul e=info,--enable-module=rewrite,--enable-module=usertrack This runs smoothly. STEP 2: make This, too, runs smoothly. == STEP 3: make test Here's the problem. It runs fine till t/TEST tries to spawn a server and hit it. The server fails at init because it can't generate a temporary 512 bit RSA private key. I've moved to the apache directory and run "make certificate" before the "make test", but it doesn't help. If I'm not mistaken, I had this problem when I was first installing the server, and ended up skipping the test. It installed and has been working fine. I'd just rather have a clean test before I try installing and using the new binary now that it's in production. Anybody got a suggestion? [ROOT] /dart26/mod_perl-1.23: uname -a HP-UX uap5 B.10.20 C 9000/891 373319211 32-user license [ROOT] /dart26/mod_perl-1.23: ../apache_1.3.12/src/httpd -V Server version: Apache/1.3.12 (Unix) Server built: Feb 8 2001 16:04:39 Server's Module Magic Number: 19990320:7 Server compiled with -D EAPI -D HAVE_SHMGET -D USE_SHMGET_SCOREBOARD -D USE_FCNTL_SERIALIZED_ACCEPT -D HTTPD_ROOT="/usr/local/apache" -D SUEXEC_BIN="/usr/local/apache/bin/suexec" -D DEFAULT_PIDLOG="logs/httpd.pid" -D DEFAULT_SCOREBOARD="logs/httpd.scoreboard" -D DEFAULT_LOCKFILE="logs/httpd.lock" -D DEFAULT_XFERLOG="logs/access_log" -D DEFAULT_ERRORLOG="logs/error_log" -D TYPES_CONFIG_FILE="conf/mime.types" -D SERVER_CONFIG_FILE="conf/httpd.conf" -D ACCESS_CONFIG_FILE="conf/access.conf" -D RESOURCE_CONFIG_FILE="conf/srm.conf" [ROOT] /dart26/mod_perl-1.23: ../apache_1.3.12/src/httpd -l Compiled-in modules: http_core.c mod_env.c mod_log_config.c mod_mime.c mod_negotiation.c mod_status.c mod_info.c mod_include.c mod_autoindex.c mod_dir.c mod_cgi.c mod_asis.c mod_imap.c mod_actions.c mod_userdir.c mod_alias.c mod_rewrite.c mod_access.c mod_auth.c mod_auth_dbm.c mod_usertrack.c mod_setenvif.c mod_ssl.c mod_perl.c suexec: disabled; invalid wrapper /usr/local/apache/bin/suexec (Also, anybody got an idea why this suexec message? is it something to worry about?) __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Error: Failed to generate temporary 512 bit RSA private key.
I installed ssl aware apache on Digital Unix, by following the instructions from http://www.modssl.org/example I was able to do make certificate, but when I start apache withapachectl startssl, it returns httpd could not be started and the following error in the error_log file. [error] mod_ssl: Init: Failed to generate temporary 512 bit RSA private key Any suggestions are welcome. Anu. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Failed to generate temporary 512 bit RSA private key on Solaris 2.7....
It is most likely that you don't have the random number generator setup properly. By default the random number key is stored in a file under $HOME/.rand (You can choose to specify a different one if you want). Once you have the .rand file setup, you should be able to create a certificate. For more information checkout help on openssl -rand on www.openssl.org. Alternatively, you can try 'make certificate' in your build environment of apache+modssl and it should generate a certificate and private key for you. HTH, Sai Rajiv Dulepet wrote: Hello everybody, I am running the following: Sun Solaris 2.7 Apache 1.3.14 modssl 2.7-1.3.14 open-ssl.0.9.6 I got the following message when I tried to start APACHE... ./apachectl start: httpd could not be started and error_log shows this: mod_ssl: Init: failed to generate temporary 512 bit RSA private key I went through modssl mailing lists, and based on some suggestions, I went to http://www.cosy.sbg.ac.at/~andi/ and downloaded ANDIrand-0.6-5.7-sparc-2.pkg. I am asssuming Solaris 7 is same as Solaris 2.7. I did pkgadd -d ANDIrand-0.6-5.7-sparc-2.pkg At the end of package installation it complained that: Driver (random) is installed. Initializing random number generator... driver not loaded! And this my guess says that random generator is not loaded or installed properly. Since I am still unable to generate certificate using openssl command: # ./openssl genrsa -des3 -out server.key 1024 warning, not much extra random data, consider using the -rand option Generating RSA private key, 1024 bit long modulus 3169:error:24064064:random number generator:SSLEAY_RAND_BYTES:PRNG not seeded:md _rand.c:474:You need to read the OpenSSL FAQ, http://www.openssl.org/support/faq.html Any help in this regard would be appreciated Thanks, Rajiv __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Failed to generate temporary 512 bit RSA private key on Solaris 2.7....
Title: Failed to generate temporary 512 bit RSA private key on Solaris 2.7 Hello everybody, I am running the following: Sun Solaris 2.7 Apache 1.3.14 modssl 2.7-1.3.14 open-ssl.0.9.6 I got the following message when I tried to start APACHE... ./apachectl start: httpd could not be started and error_log shows this: mod_ssl: Init: failed to generate temporary 512 bit RSA private key I went through modssl mailing lists, and based on some suggestions, I went to http://www.cosy.sbg.ac.at/~andi/ and downloaded ANDIrand-0.6-5.7-sparc-2.pkg. I am asssuming Solaris 7 is same as Solaris 2.7. I did pkgadd -d ANDIrand-0.6-5.7-sparc-2.pkg At the end of package installation it complained that: Driver (random) is installed. Initializing random number generator... driver not loaded! And this my guess says that random generator is not loaded or installed properly. Since I am still unable to generate certificate using openssl command: # ./openssl genrsa -des3 -out server.key 1024 warning, not much extra random data, consider using the -rand option Generating RSA private key, 1024 bit long modulus 3169:error:24064064:random number generator:SSLEAY_RAND_BYTES:PRNG not seeded:md _rand.c:474:You need to read the OpenSSL FAQ, http://www.openssl.org/support/faq.html Any help in this regard would be appreciated Thanks, Rajiv
mod_ssl: Init: Failed to generate temporary 512 bit RSA private key
Hello, Here is my configuration : Solaris 2.6, Apache 1.3.14, openSSL 0.96, modSSL 2.7.1 What I did : cd modSSL ./configure --with-ssl=../../openssl-0.9.6 --with-apache=../../../apache/apache_1.3.14 --prefix=/usr/local/apache cd ../../../apache/apache_1.3.14 make make certificate make install When I run /usr/local/apache/bin/httpd -d /export/home0/apache/gamsau to test my normal web server with this new version, I get the error " mod_ssl: Init: Failed to generate temporary 512 bit RSA private key" Thanks for any help -- Anne DURAND GAMSAU - MAP UMR CNRS-MCC n° 694 "Modèles et simulations pour l'Architecture, l'urbanisme et le Paysage" Ecole d'Architecture de Marseille 184 av de Luminy 13288 Marseille Cedex 09 tel : 04 91 82 71 62/70 - fax : 04 91 82 71 71 mel : [EMAIL PROTECTED] http : www.map.archi.fr __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
[BugDB] Failed to generate temporary 512 bit RSA private key (PR#468)
Full_Name: koroten v Version: win32 apache 1.3.12 OS: win98 Submission from: (NULL) (62.76.169.62) Failed to generate temporary 512 bit RSA private key __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Failed to generate temporary 512 bit RSA private key
Hi, I have the exact problem of "Failed to generate temporary 512 bit RSA private key" as stated in your mod_ssl:FAQ. My server is compiled on Solaris-2.6 platform with the combination of /Apache-1.3.9/openssl-2.4.9/mod-ssl-0.9.5a/mm-1.1.3/rsaref-2.0. Can you kindly tell me the method and steps to get the server running? How do I use the SSLRandomSeed directives? How do I create a $HOME/.rnd file ? Thank you in advance for your help. -- \_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_ \_ o-o Tom Charng\_ \_ L[EMAIL PROTECTED] \_ \_ v(626)397-7184 \_ \_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_ __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Failed to generate temporary 512 bit RSA private key
On Tue, Oct 17, 2000 at 12:28:07PM -0700, T. Charng wrote: Hi, I have the exact problem of "Failed to generate temporary 512 bit RSA private key" as stated in your mod_ssl:FAQ. My server is compiled on Solaris-2.6 platform with the combination of /Apache-1.3.9/openssl-2.4.9/mod-ssl-0.9.5a/mm-1.1.3/rsaref-2.0. These are old versions - you rwally should upgrade to Apache-1.3.14+mod_ssl2.7.1 - using openssl-0.9.6 might give you extra performance - rsaref is no longer used. Can you kindly tell me the method and steps to get the server running? How do I use the SSLRandomSeed directives? How do I create a $HOME/.rnd file ? See http://www.openssl.org/support/faq.html#6 vh Mads Toftum -- `Darn it, who spiked my coffee with water?!' - lwall __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Failed to generate temporary 512 bit RSA private key
OK, I've searched thru the archives and have seen many postings on this same problem. Yet, after following all the FAQs and the hints/tips of various postings, I still can't get this to work correctly. running the following: Sun Solaris 2.7 Apache 1.3.12 modssl 2.6.6-1.3.12 open-ssl 0.9.6 I was finally able to generate a key and csr successfully. But when I run: apachectl start or apachectl startssl, I'm still receiving: ./apachectl start: httpd could not be started and error_log shows this: mod_ssl: Init: Failed to generate temporary 512 bit RSA private key Any suggestions would be appreciated!!! __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Failed to generate temporary 512 bit RSA private key
Jennifer, I had this problem and you will find a third party Solaris /dev/random implementation here: http://www.cosy.sbg.ac.at/~andi/ I have been using it for months in production with good results. Duane Gran spinweb.net Jennifer Dyess wrote: OK, I've searched thru the archives and have seen many postings on this same problem. Yet, after following all the FAQs and the hints/tips of various postings, I still can't get this to work correctly. running the following: Sun Solaris 2.7 Apache 1.3.12 modssl 2.6.6-1.3.12 open-ssl 0.9.6 I was finally able to generate a key and csr successfully. But when I run: apachectl start or apachectl startssl, I'm still receiving: ./apachectl start: httpd could not be started and error_log shows this: mod_ssl: Init: Failed to generate temporary 512 bit RSA private key Any suggestions would be appreciated!!! __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: Failed to generate temporary 512 bit RSA private key
Well, it looks like I neglected to make the appropriate settings in my hhtpd.conf. I'm looking at the online docs for mod-ssl and there's a ton of different directives that could all potentially be used in httpd.conf. ANyone willing to give me a sample of their httpd.conf? I think it would save me a lot of time setting this up. Thanks! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Duane Gran Sent: Wednesday, September 27, 2000 12:14 PM To: [EMAIL PROTECTED] Subject: Re: Failed to generate temporary 512 bit RSA private key Jennifer, I had this problem and you will find a third party Solaris /dev/random implementation here: http://www.cosy.sbg.ac.at/~andi/ I have been using it for months in production with good results. Duane Gran spinweb.net Jennifer Dyess wrote: OK, I've searched thru the archives and have seen many postings on this same problem. Yet, after following all the FAQs and the hints/tips of various postings, I still can't get this to work correctly. running the following: Sun Solaris 2.7 Apache 1.3.12 modssl 2.6.6-1.3.12 open-ssl 0.9.6 I was finally able to generate a key and csr successfully. But when I run: apachectl start or apachectl startssl, I'm still receiving: ./apachectl start: httpd could not be started and error_log shows this: mod_ssl: Init: Failed to generate temporary 512 bit RSA private key Any suggestions would be appreciated!!! __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Failed to generate temporary 512 bit RSA private key
Jennifer, The default httpd.conf should work, however you have to have the following two entries in place in order for the new /dev/random device to work: SSLRandomSeed startup file:/dev/urandom 512 SSLRandomSeed connect file:/dev/urandom 512 If this doesn't help, email me direct at [EMAIL PROTECTED] and I'll be glad to send you my httpd.conf. Duane Jennifer Dyess wrote: Well, it looks like I neglected to make the appropriate settings in my hhtpd.conf. I'm looking at the online docs for mod-ssl and there's a ton of different directives that could all potentially be used in httpd.conf. ANyone willing to give me a sample of their httpd.conf? I think it would save me a lot of time setting this up. Thanks! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Duane Gran Sent: Wednesday, September 27, 2000 12:14 PM To: [EMAIL PROTECTED] Subject: Re: Failed to generate temporary 512 bit RSA private key Jennifer, I had this problem and you will find a third party Solaris /dev/random implementation here: http://www.cosy.sbg.ac.at/~andi/ I have been using it for months in production with good results. Duane Gran spinweb.net Jennifer Dyess wrote: OK, I've searched thru the archives and have seen many postings on this same problem. Yet, after following all the FAQs and the hints/tips of various postings, I still can't get this to work correctly. running the following: Sun Solaris 2.7 Apache 1.3.12 modssl 2.6.6-1.3.12 open-ssl 0.9.6 I was finally able to generate a key and csr successfully. But when I run: apachectl start or apachectl startssl, I'm still receiving: ./apachectl start: httpd could not be started and error_log shows this: mod_ssl: Init: Failed to generate temporary 512 bit RSA private key Any suggestions would be appreciated!!! __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: Failed to generate temporary 512 bit RSA private key
ok, I had problems installing /dev/random. I downloaded the package for Solaris and when I do pkgadd -d . it just doesn't recognize that file as a pkg...tried downloading it several times. I can't compile it from source because we've only got the gcc compiler and it loks like version 0.3 requires cc. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Duane Gran Sent: Wednesday, September 27, 2000 1:55 PM To: [EMAIL PROTECTED] Subject: Re: Failed to generate temporary 512 bit RSA private key Jennifer, The default httpd.conf should work, however you have to have the following two entries in place in order for the new /dev/random device to work: SSLRandomSeed startup file:/dev/urandom 512 SSLRandomSeed connect file:/dev/urandom 512 If this doesn't help, email me direct at [EMAIL PROTECTED] and I'll be glad to send you my httpd.conf. Duane Jennifer Dyess wrote: Well, it looks like I neglected to make the appropriate settings in my hhtpd.conf. I'm looking at the online docs for mod-ssl and there's a ton of different directives that could all potentially be used in httpd.conf. ANyone willing to give me a sample of their httpd.conf? I think it would save me a lot of time setting this up. Thanks! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Duane Gran Sent: Wednesday, September 27, 2000 12:14 PM To: [EMAIL PROTECTED] Subject: Re: Failed to generate temporary 512 bit RSA private key Jennifer, I had this problem and you will find a third party Solaris /dev/random implementation here: http://www.cosy.sbg.ac.at/~andi/ I have been using it for months in production with good results. Duane Gran spinweb.net Jennifer Dyess wrote: OK, I've searched thru the archives and have seen many postings on this same problem. Yet, after following all the FAQs and the hints/tips of various postings, I still can't get this to work correctly. running the following: Sun Solaris 2.7 Apache 1.3.12 modssl 2.6.6-1.3.12 open-ssl 0.9.6 I was finally able to generate a key and csr successfully. But when I run: apachectl start or apachectl startssl, I'm still receiving: ./apachectl start: httpd could not be started and error_log shows this: mod_ssl: Init: Failed to generate temporary 512 bit RSA private key Any suggestions would be appreciated!!! __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Failed to generate temporary 512 bit RSA private key
Jennifer, My memory is hazy on this one, but I believe you have to give the name of the package as an argument. I believe the syntax would be the following: # pkgadd -d ANDIrand-0.3-sparc-5.7.pkg This assumes that ANDIrand-0.3-sparc-5.7.pkg is in your current working directory. We are starting to get outside of the realm of the mod_ssl list, so feel free to email me privately if I can be of more hope. Duane Jennifer Dyess wrote: ok, I had problems installing /dev/random. I downloaded the package for Solaris and when I do pkgadd -d . it just doesn't recognize that file as a pkg...tried downloading it several times. I can't compile it from source because we've only got the gcc compiler and it loks like version 0.3 requires cc. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Duane Gran Sent: Wednesday, September 27, 2000 1:55 PM To: [EMAIL PROTECTED] Subject: Re: Failed to generate temporary 512 bit RSA private key Jennifer, The default httpd.conf should work, however you have to have the following two entries in place in order for the new /dev/random device to work: SSLRandomSeed startup file:/dev/urandom 512 SSLRandomSeed connect file:/dev/urandom 512 If this doesn't help, email me direct at [EMAIL PROTECTED] and I'll be glad to send you my httpd.conf. Duane Jennifer Dyess wrote: Well, it looks like I neglected to make the appropriate settings in my hhtpd.conf. I'm looking at the online docs for mod-ssl and there's a ton of different directives that could all potentially be used in httpd.conf. ANyone willing to give me a sample of their httpd.conf? I think it would save me a lot of time setting this up. Thanks! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Duane Gran Sent: Wednesday, September 27, 2000 12:14 PM To: [EMAIL PROTECTED] Subject: Re: Failed to generate temporary 512 bit RSA private key Jennifer, I had this problem and you will find a third party Solaris /dev/random implementation here: http://www.cosy.sbg.ac.at/~andi/ I have been using it for months in production with good results. Duane Gran spinweb.net Jennifer Dyess wrote: OK, I've searched thru the archives and have seen many postings on this same problem. Yet, after following all the FAQs and the hints/tips of various postings, I still can't get this to work correctly. running the following: Sun Solaris 2.7 Apache 1.3.12 modssl 2.6.6-1.3.12 open-ssl 0.9.6 I was finally able to generate a key and csr successfully. But when I run: apachectl start or apachectl startssl, I'm still receiving: ./apachectl start: httpd could not be started and error_log shows this: mod_ssl: Init: Failed to generate temporary 512 bit RSA private key Any suggestions would be appreciated!!! __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
FAQ: Failed to generate temporary 512 bit RSA private key
A modest proposal: Since "Failed to generate temporary 512 bit RSA private key" is such an FAQ on this list (even though it's in the FAQ ;-), perhaps some defensive coding might be order that detects possible errors earlier and so gives a more informative error message? An easy one would to die with an error if there are no random sources defined in the conf file . This for example can happen with the mod_perl test suite's default httpd.conf Harder would be to cause an error like the the above to be logged as "Failed to generate temporary 512 bit RSA private key: insufficient entropy available from the random source(s) " or similar? [ There are probably good reasons why this cant be done; if so, I'll just shut up and go away :-) ] Dave M. * Dave Mitchell, Operations Manager, * Fretwell-Downing Facilities Ltd, UK. [EMAIL PROTECTED] * Tel: +44 114 281 6113.The usual disclaimers * * Standards (n). Battle insignia or tribal totems __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Problem with Failed to generate temporary 512 bit RSA private key
Mads Toftum wrote: On Fri, Jul 28, 2000 at 06:01:33PM +0900, Simon Dubey wrote: Hello I have just installed mod-ssl on a solaris /sparc machine and get the above error. I have read the FAQ and tried to following what it is suggesting with $HOME/.rnd but do not quite follow it - well what I did, did not work. I have also tried truerand as well but that did not work either. Also check http://www.openssl.org/support/faq.html#6 and http://www.openssl.org/docs/crypto/RAND_egd.html OK - so I have installed egd - what do I have to do to get mod_ssl to use it ? I have it running with socket parameter of /etc/entropy and tried setting SSLRandomSeed to this value. Please help Simon. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Problem with Failed to generate temporary 512 bit RSA private key
Simon, You need to create a file called $HOME/.rnd, open it with your editor and enter in random key strokes. Enter a few lines of random data. This is the easiest way to get it to work. Then run "openssl genrsa .../etc." to generate your key file pair. Cheers Mark Jackson [EMAIL PROTECTED] Simon Dubey [EMAIL PROTECTED] on 07/31/2000 01:00:47 PM Please respond to [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc: Subject: Re: Problem with "Failed to generate temporary 512 bit RSA private key" Mads Toftum wrote: On Fri, Jul 28, 2000 at 06:01:33PM +0900, Simon Dubey wrote: Hello I have just installed mod-ssl on a solaris /sparc machine and get the above error. I have read the FAQ and tried to following what it is suggesting with $HOME/.rnd but do not quite follow it - well what I did, did not work. I have also tried truerand as well but that did not work either. Also check http://www.openssl.org/support/faq.html#6 and http://www.openssl.org/docs/crypto/RAND_egd.html OK - so I have installed egd - what do I have to do to get mod_ssl to use it ? I have it running with socket parameter of /etc/entropy and tried setting SSLRandomSeed to this value. Please help Simon. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] ** Important Note This email (including any attachments) contains information which is confidential and may be subject to legal privilege. If you are not the intended recipient you must not use, distribute or copy this email. If you have received this email in error please notify the sender immediately and delete this email. Any views expressed in this email are not necessarily the views of AXA. Thank you. ** __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Problem with Failed to generate temporary 512 bit RSA private key
On Fri, Jul 28, 2000 at 06:01:33PM +0900, Simon Dubey wrote: Hello I have just installed mod-ssl on a solaris /sparc machine and get the above error. I have read the FAQ and tried to following what it is suggesting with $HOME/.rnd but do not quite follow it - well what I did, did not work. I have also tried truerand as well but that did not work either. Also check http://www.openssl.org/support/faq.html#6 and http://www.openssl.org/docs/crypto/RAND_egd.html vh Mads Toftum -- `Darn it, who spiked my coffee with water?!' - lwall __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Problem with Failed to generate temporary 512 bit RSA private key
Hello I have just installed mod-ssl on a solaris /sparc machine and get the above error. I have read the FAQ and tried to following what it is suggesting with $HOME/.rnd but do not quite follow it - well what I did, did not work. I have also tried truerand as well but that did not work either. Please advise Simon. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
[BugDB] init: Failed to generate temporary 512 bit RSA private key (PR#407)
Full_Name: Robert Aden Version: 2.6.0-1.3.12 OS: bsdi 3.1 Submission from: (NULL) (195.67.147.20) I think the subject pretty much says it all. Don't really know if this is a bug or a bad configuration on my system but i cant find anything wrong and the same setup works on bsdi4.1. using: apache 1.3.12 openssl-0.9.5 gcc version 2.95.1 //R __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Failed to generate temporary 512 bit RSA private key
Hello, I get this error message when i start apache after installing modssl : "Failed to generate temporary 512 bit RSA private key" I have looked in the archive and found people having the same problem... but no answer. How can I fix this ? Thank you very much, Laurent __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
2 - Failed to generate temporary 512 bit RSA private key
Thank you very much, but we still couldn't make it work. We made sure the PRNG has been seeded with at least 128 bits of randomness. The error message is still there. How can we fix that ? Thanks, Laurent - Original Message - From: "Mads Toftum" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, July 11, 2000 11:28 AM Subject: Re: Failed to generate temporary 512 bit RSA private key On Tue, Jul 11, 2000 at 11:15:22AM -0400, Silesky Marketing Inc, Support wrote: Hello, I get this error message when i start apache after installing modssl : "Failed to generate temporary 512 bit RSA private key" I have looked in the archive and found people having the same problem... but no answer. Hm - I know that I've answered this several times, and that the answers are there... it is also in the FAQ: http://www.modssl.org/docs/2.6/ssl_faq.html#ToC15 and http://www.openssl.org/support/faq.html#6 vh Mads Toftum -- `Darn it, who spiked my coffee with water?!' - lwall __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: 2 - Failed to generate temporary 512 bit RSA private key
On Tue, Jul 11, 2000 at 11:52:32AM -0400, Silesky Marketing Inc, Support wrote: Thank you very much, but we still couldn't make it work. We made sure the PRNG has been seeded with at least 128 bits of randomness. The error message is still there. How can we fix that ? Please make sure to check _all_ logfiles, there is especially the ssl_engine_log. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/ Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129 Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153 __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: 2 - Failed to generate temporary 512 bit RSA private key
The ssl_engine_log is empty any idea ? Thanks, Laurent - Original Message - From: "Lutz Jaenicke" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, July 11, 2000 2:06 PM Subject: Re: 2 - Failed to generate temporary 512 bit RSA private key On Tue, Jul 11, 2000 at 11:52:32AM -0400, Silesky Marketing Inc, Support wrote: Thank you very much, but we still couldn't make it work. We made sure the PRNG has been seeded with at least 128 bits of randomness. The error message is still there. How can we fix that ? Please make sure to check _all_ logfiles, there is especially the ssl_engine_log. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/ Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129 Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153 __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: 2 - Failed to generate temporary 512 bit RSA private key
On Tue, Jul 11, 2000 at 02:16:11PM -0400, Silesky Marketing Inc, Support wrote: The ssl_engine_log is empty any idea ? mod_ssl (2.6.5) will initialize the seed (ssl_engine_init.c:348), then immediately call RSA_generate_key(). If this one fails, it will die and log the contents of the error storage, pushed by RSA_generate_key(). I've never seen an OpenSSL routine that fails without message... Good night, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/ Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129 Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153 __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
[BugDB] init: Failed to generate temporary 512 bit RSA private key (PR#407)
Full_Name: Robert Aden Version: 2.6.0-1.3.12 OS: bsdi 3.1 Submission from: (NULL) (195.67.147.20) I think the subject pretty much says it all. Don't really know if this is a bug or a bad configuration on my system but i cant find anything wrong and the same setup works on bsdi4.1. using: apache 1.3.12 openssl-0.9.5 gcc version 2.95.1 //R __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: [BugDB] Failed to generate temporary 512 bit RSA private key (PR#384)
On Fri, May 19, 2000 at 07:07:04AM +0200, [EMAIL PROTECTED] wrote: When I started the apachectl -startssl. There is message on the log file: [Fri May 19 13:55:00 2000] [error] mod_ssl: Init: Failed to generate temporary 512 bit RSA private key This is a FAQ - http://www.modssl.org/docs/2.6/ssl_faq.html#ToC15 and http://www.openssl.org/support/faq.html#6 vh Mads Toftum -- `Darn it, who spiked my coffee with water?!' - lwall __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
[BugDB] Failed to generate temporary 512 bit RSA private key (PR#384)
Full_Name: Kelvin Kwok Version: mod_ssl-2.6.3-1.3.12 OS: Solaris 2.7 Submission from: (NULL) (202.33.124.22) When I started the apachectl -startssl. There is message on the log file: [Fri May 19 13:55:00 2000] [error] mod_ssl: Init: Failed to generate temporary 512 bit RSA private key __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Again !! - Failed to generate temporary 512 bit RSA private key
On Mon, Mar 13, 2000 at 05:53:24PM -0800, Saleej T wrote: ... /usr/local/apache/bin/apachectl startssl: httpd could not be started and in the ssl log file it is giving [13/Mar/2000 17:24:56 06351] [error] Init: Failed to generate temporary 512 bit RSA private key [13/Mar/2000 17:42:23 06355] [info] Server: Apache/1.3.12, Interface: mod_ssl/2.6.0, Library: OpenSSL/0.9.5 [13/Mar/2000 17:42:23 06355] [info] Init: 1st startup round (still not detached) [13/Mar/2000 17:42:23 06355] [info] Init: Initializing OpenSSL library [13/Mar/2000 17:42:23 06355] [info] Init: Loading certificate private key of SSL-aware server www.basheer.com:443 [13/Mar/2000 17:42:23 06355] [info] Init: Seeding PRNG with 8 bytes of entropy [13/Mar/2000 17:42:23 06355] [info] Init: Generating temporary RSA private keys (512/1024 bits) [13/Mar/2000 17:42:23 06355] [error] Init: Failed to generate temporary 512 bit RSA private key ... What is in the ssl_egine_log? Did you try to feed the PRNG _explicitely_ via httpd.conf and with more than 8 bytes? openssl-0.9.5/crypto/rand/md_rand.c: #define ENTROPY_NEEDED 16 /* require 128 bits = 16 bytes of randomness */ Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/ Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129 Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153 __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Again !! - Failed to generate temporary 512 bit RSA private key
Hello, I have installed Apache 1.3.12 + Mod-SSL 2.6.2-1.3.12 + OpenSSL 0.9.5 under Solaris 2.7. Whenever I am trying to start the web server with "/usr/local/apache/bin/apachectl start" the normal HTTP server runs fine. But whenever I am starting the HTTPS server with "/usr/local/apache/bin/apachectl startssl" it is giving the following message. /usr/local/apache/bin/apachectl startssl: httpd could not be started and in the ssl log file it is giving [13/Mar/2000 17:24:56 06351] [error] Init: Failed to generate temporary 512 bit RSA private key [13/Mar/2000 17:42:23 06355] [info] Server: Apache/1.3.12, Interface: mod_ssl/2.6.0, Library: OpenSSL/0.9.5 [13/Mar/2000 17:42:23 06355] [info] Init: 1st startup round (still not detached) [13/Mar/2000 17:42:23 06355] [info] Init: Initializing OpenSSL library [13/Mar/2000 17:42:23 06355] [info] Init: Loading certificate private key of SSL-aware server www.basheer.com:443 [13/Mar/2000 17:42:23 06355] [info] Init: Seeding PRNG with 8 bytes of entropy [13/Mar/2000 17:42:23 06355] [info] Init: Generating temporary RSA private keys (512/1024 bits) [13/Mar/2000 17:42:23 06355] [error] Init: Failed to generate temporary 512 bit RSA private key I kept the $HOME/.rnd file by "touch $HOME/.rnd" and tried to give make certificate again. But the result is same. Instead of just creating the ".rnd" file I copied the files like ..openssl-0.9.5/ms/.rnd ..openssl-0.9.5/test/.rnd to $HOME. But still the effect is same. What's wrong? Could anybody help me? Regards, Saleej. __ Do You Yahoo!? Talk to your friends online with Yahoo! Messenger. http://im.yahoo.com __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: [error] mod_ssl: Init: Failed to generate temporary 512 bit RSA private key
"Ralf S. Engelschall" wrote: [Tue Mar 7 17:42:46 2000] [error] mod_ssl: Init: Failed to generate temporary 512 bit RSA private key FAQ: http://www.modssl.org/docs/2.6/ssl_faq.html#entropy Cool thanks - didn't realise it'd be this easy :) Regards, Graham -- __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
[error] mod_ssl: Init: Failed to generate temporary 512 bit RSA private key
Hi all, I just upgraded an Apache v1.3.9 + mod_ssl v2.4.10 installation to Apache v1.3.12 and mod_ssl v2.6.2. I stopped the server, and then restarted it again, but the new server would not start up - it gave the error: [Tue Mar 7 17:42:46 2000] [error] mod_ssl: Init: Failed to generate temporary 512 bit RSA private key Does anyone know why this might be the case? I also upgraded OpenSSL from v0.9.4 to 0.9.5, would this have broken anything? Regards, Graham -- __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: [error] mod_ssl: Init: Failed to generate temporary 512 bit RSA private key
On Tue, Mar 07, 2000, Graham Leggett wrote: I just upgraded an Apache v1.3.9 + mod_ssl v2.4.10 installation to Apache v1.3.12 and mod_ssl v2.6.2. I stopped the server, and then restarted it again, but the new server would not start up - it gave the error: [Tue Mar 7 17:42:46 2000] [error] mod_ssl: Init: Failed to generate temporary 512 bit RSA private key FAQ: http://www.modssl.org/docs/2.6/ssl_faq.html#entropy Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Failed to generate temporary 512 bit RSA private key
On Wed, Mar 01, 2000, Jim Sproull wrote: I'm trying to get the latest version of apache and mod_ssl compiled and running, but am running into a snag. We currently have apache 1.3.6 and mod_ssl-2.3.2-1.3.6 running with no problems at all. However, when I try running the new httpd, I get this logged to error.log, and it bombs out: [error] mod_ssl: Init: Failed to generate temporary 512 bit RSA private key I'm not quite sure why it's trying to generate this temporary key...I'm not located in the US, so, from what I understand, don't need an RSA key, right? Is it expecting a key to have already been generated (possibly by make certificate)? The key is needed not for your server itself, it's needed mainly for it to be able to communicate with export-restricted client browsers. For the reason for the error, read http://www.openssl.org/support/faq.html#6 and especially upgrade to mod_ssl 2.6, please. Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Failed to generate temporary 512 bit RSA private key
Hi folks, I'm trying to get the latest version of apache and mod_ssl compiled and running, but am running into a snag. We currently have apache 1.3.6 and mod_ssl-2.3.2-1.3.6 running with no problems at all. However, when I try running the new httpd, I get this logged to error.log, and it bombs out: [error] mod_ssl: Init: Failed to generate temporary 512 bit RSA private key I'm not quite sure why it's trying to generate this temporary key...I'm not located in the US, so, from what I understand, don't need an RSA key, right? Is it expecting a key to have already been generated (possibly by make certificate)? Thanks, Jim Sproull __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]