You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by "J. W. Ballantine" <jw...@homer.att.com> on 2003/06/19 13:55:42 UTC
[users@httpd] Apache/2.1.0-dev, mod_ssl and insufficient entry
I'm trying to start Apache/2.1.0-dev with mod_ssl enabled and all
I keep getting is the dreaded:
[Wed Jun 18 15:31:59 2003] [warn] Init: PRNG still contains insufficient
entropy!
[Wed Jun 18 15:31:59 2003] [error] Init: Failed to generate temporary 512 bit
RSA private key
Configuration Failed
I understand that this is controlled by SSLRandomSeed in the httpd.conf file,
and I've tried the following pairs to generate enough entropy:
SSLRandomSeed startup exec:`/usr/local/add-on/egd/bin/egc.pl
/etc/local/openssh/egd-pool`
SSLRandomSeed connect exec:`/usr/local/add-on/egd/bin/egc.pl
/etc/local/openssh/egd-pool`
SSLRandomSeed startup egd:/etc/local/openssh/egd-pool
SSLRandomSeed connect egd:/etc/local/openssh/egd-pool
SSLRandomSeed startup file:/etc/local/openssh/httpd_ssl.seed
SSLRandomSeed connect file:/etc/local/openssh/httpd_ssl.seed
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
where /etc/local/openssh/httpd_ssl.seed was created by:
/usr/local/add-on/egd/bin/egc.pl /etc/local/openssh/egd-pool read 255
and /etc/local/openssh/egd-pool is the socket from egd.pl ( which works
fine with pnrgd for opensshd ).
Any thoughts/pointers will be greatly appreciated.
The cvs date is 20030612 and other info on httpd are:
Server version: Apache/2.1.0-dev
Server built: Jun 12 2003 12:14:31
Server version: Apache/2.1.0-dev
Server built: Jun 12 2003 12:14:31
Server's Module Magic Number: 20030213:1
Architecture: 32-bit
Server compiled with....
-D APACHE_MPM_DIR="server/mpm/prefork"
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_PROC_PTHREAD_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D HTTPD_ROOT="/local/APACHE/Apache2"
-D SUEXEC_BIN="/local/APACHE/Apache2/bin/suexec"
-D DEFAULT_PIDLOG="logs/httpd.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_LOCKFILE="logs/accept.lock"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="conf/mime.types"
-D SERVER_CONFIG_FILE="conf/httpd.conf"
Compiled in modules:
core.c
mod_authn_file.c
mod_authn_default.c
mod_authz_host.c
mod_authz_groupfile.c
mod_authz_user.c
mod_authz_default.c
mod_auth_basic.c
mod_include.c
mod_log_config.c
mod_env.c
mod_setenvif.c
mod_ssl.c
prefork.c
http_core.c
mod_mime.c
mod_status.c
mod_autoindex.c
mod_asis.c
mod_cgi.c
mod_negotiation.c
mod_dir.c
mod_imap.c
mod_actions.c
mod_userdir.c
mod_alias.c
mod_so.c
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: [users@httpd] Apache/2.1.0-dev, mod_ssl and insufficient entry
Posted by Sander Holthaus - Orange XL <in...@orangexl.com>.
This question is probably more appropiate on the development-list. As far as
I know there are some issues with SSL and Apache /2.1.0.
Kind Regards,
Sander Holthaus
-----Original Message-----
From: J. W. Ballantine [mailto:jwb@homer.att.com]
Sent: donderdag 19 juni 2003 13:56
To: users@httpd.apache.org
Subject: [users@httpd] Apache/2.1.0-dev, mod_ssl and insufficient entry
I'm trying to start Apache/2.1.0-dev with mod_ssl enabled and all I keep
getting is the dreaded:
[Wed Jun 18 15:31:59 2003] [warn] Init: PRNG still contains insufficient
entropy!
[Wed Jun 18 15:31:59 2003] [error] Init: Failed to generate temporary 512
bit
RSA private key
Configuration Failed
I understand that this is controlled by SSLRandomSeed in the httpd.conf
file, and I've tried the following pairs to generate enough entropy:
SSLRandomSeed startup exec:`/usr/local/add-on/egd/bin/egc.pl
/etc/local/openssh/egd-pool`
SSLRandomSeed connect exec:`/usr/local/add-on/egd/bin/egc.pl
/etc/local/openssh/egd-pool`
SSLRandomSeed startup egd:/etc/local/openssh/egd-pool SSLRandomSeed connect
egd:/etc/local/openssh/egd-pool
SSLRandomSeed startup file:/etc/local/openssh/httpd_ssl.seed
SSLRandomSeed connect file:/etc/local/openssh/httpd_ssl.seed
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
where /etc/local/openssh/httpd_ssl.seed was created by:
/usr/local/add-on/egd/bin/egc.pl /etc/local/openssh/egd-pool read 255 and
/etc/local/openssh/egd-pool is the socket from egd.pl ( which works fine
with pnrgd for opensshd ).
Any thoughts/pointers will be greatly appreciated.
The cvs date is 20030612 and other info on httpd are:
Server version: Apache/2.1.0-dev
Server built: Jun 12 2003 12:14:31
Server version: Apache/2.1.0-dev
Server built: Jun 12 2003 12:14:31
Server's Module Magic Number: 20030213:1
Architecture: 32-bit
Server compiled with....
-D APACHE_MPM_DIR="server/mpm/prefork"
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_PROC_PTHREAD_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D HTTPD_ROOT="/local/APACHE/Apache2"
-D SUEXEC_BIN="/local/APACHE/Apache2/bin/suexec"
-D DEFAULT_PIDLOG="logs/httpd.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_LOCKFILE="logs/accept.lock"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="conf/mime.types"
-D SERVER_CONFIG_FILE="conf/httpd.conf"
Compiled in modules:
core.c
mod_authn_file.c
mod_authn_default.c
mod_authz_host.c
mod_authz_groupfile.c
mod_authz_user.c
mod_authz_default.c
mod_auth_basic.c
mod_include.c
mod_log_config.c
mod_env.c
mod_setenvif.c
mod_ssl.c
prefork.c
http_core.c
mod_mime.c
mod_status.c
mod_autoindex.c
mod_asis.c
mod_cgi.c
mod_negotiation.c
mod_dir.c
mod_imap.c
mod_actions.c
mod_userdir.c
mod_alias.c
mod_so.c
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info. To
unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org