We are trying to use openssl on our AIX boxes to get a digital certificate. First we have to create a csr using this command.
openssl req -new -nodes -keyout private.key -out public.csr but we get this error. atas@cipa1315> openssl req -new -nodes -keyout private.key -out public.csr Using configuration from /etc/openssl/openssl.cnf unable to load 'random state' This means that the random number generator has not been seeded with much random data. Generating a 1024 bit RSA private key 16804:error:24064064:random number generator:SSLEAY_RAND_BYTES:PRNG not seeded:md_rand.c:501:You need to read the OpenSSL FAQ, http://www.openssl.org/support/faq.html 16804:error:04069003:rsa routines:RSA_generate_key:BN lib:rsa_gen.c:182: atas@cipa1315> Have you seen this before and have you found the solution? We can generate the csr from our windows and linux machines, but if you have the fix for this it would be nice. I copied/pasted part of the "PRNG not seeded" error message as below. Most components of the openssl command line utility automatically try to seed the random number generator from a file. The name of the default seeding file is determined as follows: If environment variable RANDFILE is set, then it names the seeding file. Otherwise if environment variable HOME is set, then the seeding file is $HOME/.rnd. If neither RANDFILE nor HOME is set, versions up to OpenSSL 0.9.6 will use file .rnd in the current directory while OpenSSL 0.9.6a uses no default seeding file at all <<PRNG not seeded.doc>> The environment variable RANDFILE is not set and HOME is set, but the seeding file $HOME/.rnd does not exist. Thanks, Mike Chen IBM TOS team Office: 312-669-2289 Pager: 312-333-5100 mailto:[EMAIL PROTECTED] 425 W. Randolph, floor 12NE Chicago, IL
PRNG not seeded.doc
Description: MS-Word document
