httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Laurent Blume <laurent.bl...@infores.com>
Subject Re: [users@httpd] Apache 2 w/ SSL on HP-UX needs more entropy.
Date Thu, 02 Jan 2003 13:18:37 GMT
Well, after some more tries, it seems there was something wrong in the 
ssl.conf, or maybe it didn't like having the certificate files in 
somewhere else than conf/ssl.crt and conf/ssl.key.
I did make install again, put the certificates there, and it's now 
working fine.

I'm going to concentrate now on my mod_auth_ldap problem :-)

Laurent Blume wrote:
> Good morning and Happy New Year to everybody!
> 
> I'm having a problem with SSL on HP-UX 11.00.
> I compiled Apache 2.0.43 with dynamic modules, with OpenSSL 0.9.7.
> Everytime I try to start it, it gives the following message in error_log:
> 
> [Thu Jan 02 10:30:04 2003] [info] Init: Initializing OpenSSL library
> [Thu Jan 02 10:30:04 2003] [info] Init: Seeding PRNG with 0 bytes of 
> entropy
> [Thu Jan 02 10:30:04 2003] [warn] Init: PRNG still contains insufficient 
> entropy!
> [Thu Jan 02 10:30:04 2003] [info] Init: Generating temporary RSA private 
> keys (512/1024 bits)
> [Thu Jan 02 10:30:04 2003] [error] Init: Failed to generate temporary 
> 512 bit RSA private key
> Configuration Failed
> 
> I understand what it means, I checked on mod_ssl website, my problem is, 
> how to solve it ?
> There is no /dev/random on this version of HP-UX, so I created a ~/.rnd 
> to create certificates with openssl, it worked fine.
> I tried to replace 'builtin' by 'file:~/.rnd' with SSLRandomSeed in 
> ssl.conf, no change in the error.
> 
> I'm a bit puzzled, because when I first tried mod_ssl with Apache 1.3.x 
> on Solaris, around 3 years ago, there was no /dev/random either, but it 
> worked out-of-the-box, I never needed to create any file or special config.
> 
> So if anyone has an idea where I can buy a can of entropy seeds (online 
> if possible), I'd like to know :-)
> 
> TIA,
> 
> Laurent
> 


-- 
   IRI-Secodip                  www.infores.com
   4, rue André Derain          mailto:laurent.blume@infores.com
   78240 Chambourcy             tel: +33 (0) 130 06 26 52
   France                       fax: +33 (0) 130 65 09 45


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message