Hi,
----- Original Message -----
From: Lotey. Kulwant <[EMAIL PROTECTED]>
> Hi,
>
> I have OpenSSL installed, and get the following error in generating a RSA
> private key when I type:
>
> genrsa -des3 -out server.key 1024
>
> The error message I get is:
>
> 15678:error:24064064:random number generator:SSLEAY_RAND_BYTES:PRNG not
> seeded:md_rand.c:474:You need......
> 15678:error:040699003:rsa routines:RSA_generating_key:BN
lib:rsa_gen.c:182:
> error in genrsa
I'm sure the answer is in the FAQ too as this one pops up very often.
Your 'entropy pool', used by the OpenSSL random number generator, has not
been properly initialized. Meaning: you didn't load enough 'randomness' in
there.
You may wish to specify a file with 'random bytes' using the '-rand
[filename]' option as in:
genrsa -des3 -out server.key 1024 -rand random.dat
where random.dat is a file containing arbitrary bytes. (If you're lazy like
me the first time, just copy some other file of about 1-4KByte to
'random.dat'. The proper way of generating this 'random pool file' is:
rand -rand inputfile1;inputfile2;... -out random.dat 2048
where you can specifiy one or more 'inputfiles' above that contain some
amount of 'randomness' (entropy). These files are read by the 'rand' tool
and the resulting 'entropy pool' file 'random.dat' (size 2048 bytes in my
example).
See for a better (and more complete) explanation:
http://www.openssl.org/docs/apps/rand.html#
http://www.openssl.org/docs/apps/genrsa.html#
Groetjes/Greetinx,
Ger
----------------------------------------------------------------------------
Ger Hobbelt a.k.a. Insh_Allah mailto:[EMAIL PROTECTED]
----------------------------------------------------------------------------
Peter Pan can fly when he thinks his Happy Thought.
I want to fly too.
My Happy Thought is... one part Prozac and one part LSD...
Wow! Awesome, dude!
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
