I'm trying to build Apache-SSL from source. I've compiled and
installed OpenSSL 0.9.5a successfully. I've also managed to
compile and install Apache 1.3.9 with Ben's SSL 1.37. Now I'm
trying to make a certificate like this:
Trouble is, I get these errors:
/opt/local/bin/openssl req -config ../SSLconf/conf/ssleay.cnf \
-new -x509 -nodes -out ../SSLconf/conf/httpsd.pem \
-keyout ../SSLconf/conf/httpsd.pem; \
ln -sf httpsd.pem ../SSLconf/conf/`/opt/local/bin/openssl \
x509 -noout -hash < ../SSLconf/conf/httpsd.pem`.0
Using configuration from ../SSLconf/conf/ssleay.cnf
unable to load 'random state'
This means that the random number generator has not been seeded
with much random data.
Generating a 1024 bit RSA private key
12629:error:24064064:random number generator:SSLEAY_RAND_BYTES:PRNG not seeded:md_rand.c:538:
12629:error:04069003:rsa routines:RSA_generate_key:BN lib:rsa_gen.c:182:
*** Error code 1
make: Fatal error: Command failed for target `certificate'
Truss shows that the openssl command can't find one of two
files which look like they're to do with random key generation:
12635: stat("/home/richteer/.rnd", 0xFFBEE388) Err#2 ENOENT
12635: open("/dev/urandom", O_RDONLY) Err#2 ENOENT
Needless to say, I don't have either of these files!
Does anyone know where I can get (or how I can build) these
files? I'm using Solaris 7 MU 4 plus recent patches & Apache 1.3.9
on a Sun Ultra 5. As I'll soon be doing the same thing with Apache
1.3.12 (using the corresponding version of Apache-SSL), something
that works with both releases would be appreciated!
I've tried looking at the OpenSSL.org site, the Solaris FAQ, and
the Apache-SSL web site too, all to no avail. Any help or pointers
NT tries to do almost everything UNIX does, but fails - miserably.
The use of Windoze cripples the mind; its use should, therefore, be
regarded as a criminal offence. (With apologies to Edsger W. Dijkstra)
Voice: +1 (250) 979-1638