Openssl can't load rnd into rng

I am trying to create 3 required files ca.pem, cert.pem and key.pem. I am receiving errors when inputting commands and following the docker guide.

Here is an excerpt from the terminal:

Enter pass phrase for ca-key.pem:
Can't load /root/.rnd into RNG
140347370283456:error:2406F079:random number generator:RAND_load_file:Cannot open file:../crypto/rand/randfile.c:88:Filename=/root/.rnd
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:
State or Province Name (full name) [Some-State]:Queensland
Locality Name (eg, city) []:Brisbane
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Docker Inc
Organizational Unit Name (eg, section) []:Sales
Common Name (e.g. server FQDN or YOUR name) []:206.189.187.199
Email Address []:
root@docker-s-1vcpu-1gb-nyc1-01:~# openssl genrsa -out server-key.pem 4096
Generating RSA private key, 4096 bit long modulus (2 primes)
..........................................................................................................................................................................................................................................................................++++
.............................++++
e is 65537 (0x010001)
root@docker-s-1vcpu-1gb-nyc1-01:~# $ openssl req -subj "/CN=206.189.187.199" -sha256 -new -key server-key.pem -out server.csr
$: command not found
root@docker-s-1vcpu-1gb-nyc1-01:~# $ openssl req -subj "/CN=206.189.187.199" -sha256 -new -key server-key.pem -out server.csr
$: command not found
root@docker-s-1vcpu-1gb-nyc1-01:~# echo subjectAltName = DNS:206.189.187.199,IP:10.10.10.20,IP:127.0.0.1 >> extfile.cnf
root@docker-s-1vcpu-1gb-nyc1-01:~# echo extendedKeyUsage = serverAuth >> extfile.cnf
root@docker-s-1vcpu-1gb-nyc1-01:~# openssl x509 -req -days 365 -sha256 -in server.csr -CA ca.pem -CAkey ca-key.pem \
>   -CAcreateserial -out server-cert.pem -extfile extfile.cn
Can't open extfile.cn for reading, No such file or directory
139925498274240:error:02001002:system library:fopen:No such file or directory:../crypto/bio/bss_file.c:72:fopen('extfile.cn','r')
139925498274240:error:2006D080:BIO routines:BIO_new_file:no such file:../crypto/bio/bss_file.c:79:
root@docker-s-1vcpu-1gb-nyc1-01:~# openssl x509 -req -days 365 -sha256 -in server.csr -CA ca.pem -CAkey ca-key.pem \
>   -CAcreateserial -out server-cert.pem -extfile extfile.cnf
Can't open server.csr for reading, No such file or directory
140263526920640:error:02001002:system library:fopen:No such file or directory:../crypto/bio/bss_file.c:72:fopen('server.csr','r')
140263526920640:error:2006D080:BIO routines:BIO_new_file:no such file:../crypto/bio/bss_file.c:79:
root@docker-s-1vcpu-1gb-nyc1-01:~# 
root@docker-s-1vcpu-1gb-nyc1-01:~# openssl x509 -req -days 365 -sha256 -in server.csr -CA ca.pem -CAkey ca-key.pem \
>  -CAcreateserial -out server-cert.pem -extfile extfile.cnf
Can't open server.csr for reading, No such file or directory
139985191776704:error:02001002:system library:fopen:No such file or directory:../crypto/bio/bss_file.c:72:fopen('server.csr','r')
139985191776704:error:2006D080:BIO routines:BIO_new_file:no such file:../crypto/bio/bss_file.c:79:

Any assistance or advice would be most appreciated
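
Added example, not part of the original post or of any project named on this page: a small Python parser for the OpenSSL 1.1.x error lines in the excerpt above. It separates the .rnd seed-file message, which the Debian bug log further down this page confirms does not stop the command, from the fopen failures on extfile.cn and server.csr. The names parse and triage and the classification rule are assumptions of this example.

```python
import re

# OpenSSL 1.1.x error-queue line format:
#   <thread>:error:<code>:<library>:<function>:<reason>:<source file>:<line>:<data>
ERR_LINE = re.compile(
    r"^(?P<thread>\d+):error:(?P<code>[0-9A-Fa-f]{8}):(?P<lib>[^:]*):"
    r"(?P<func>[^:]*):(?P<reason>[^:]*):(?P<src>[^:]+):(?P<line>\d+):(?P<data>.*)$"
)
# Path the failing call tried to open, as reported in the trailing data field.
PATH_IN_DATA = re.compile(r"Filename=(?P<a>\S+)|fopen\('(?P<b>[^']+)'")

# Lines copied from the terminal excerpt above.
SAMPLE = """\
140347370283456:error:2406F079:random number generator:RAND_load_file:Cannot open file:../crypto/rand/randfile.c:88:Filename=/root/.rnd
139925498274240:error:02001002:system library:fopen:No such file or directory:../crypto/bio/bss_file.c:72:fopen('extfile.cn','r')
139925498274240:error:2006D080:BIO routines:BIO_new_file:no such file:../crypto/bio/bss_file.c:79:
140263526920640:error:02001002:system library:fopen:No such file or directory:../crypto/bio/bss_file.c:72:fopen('server.csr','r')
"""

def parse(line):
    """Return the fields of one error-queue line as a dict, or None."""
    m = ERR_LINE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    p = PATH_IN_DATA.search(rec["data"])
    rec["path"] = (p.group("a") or p.group("b")) if p else None
    return rec

def triage(text):
    """Classify each error: the RNG seed-file miss is noise, a missing input is not.

    Heuristic (assumption) based on the transcripts on this page; the exit status
    and the presence of the output file remain the authoritative check.
    """
    findings = []
    for line in text.splitlines():
        rec = parse(line)
        if rec is None or rec["path"] is None:
            continue  # not an error line, or a follow-on entry without a path
        benign = rec["func"] == "RAND_load_file"
        findings.append((rec["path"], "seed-file warning" if benign else "missing input"))
    return findings

if __name__ == "__main__":
    for path, verdict in triage(SAMPLE):
        print(f"{verdict:18} {path}")
```

In the excerpt, server.csr is missing because both openssl req attempts were typed with a leading $ and failed with "$: command not found", so the request was never written. extfile.cn is a mistyped name for the extfile.cnf created by the two echo commands just before it.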


Openssl can't load rnd into rng

菜又学

Published 2021-12-10 21:28:39

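Copyright notice: This is an original article by the blogger, released under the CC 4.0 BY-SA license. Reproductions must include a link to the original source and this notice.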

Can't load /home/test/.rnd into RNG

140409534742976:error:2406F079:random number generator:RAND_load_file:Cannot open file:../crypto/rand/randfile.c:88:Filename=/home/test/.rnd

Solution: generate .rnd in the directory where it is missing

cd /home/test
openssl rand -writerand .rnd

Debian Bug report logs - #898470
openssl says "Can't load /root/.rnd into RNG"

Reported by: Sander Jonkers <>

Date: Sat, 12 May 2018 05:42:02 UTC

Severity: important

Found in version openssl/1.1.1~~pre6-2

Fixed in version 1.1.1a-1

Done: Sebastian Andrzej Siewior <>

Bug is archived. No further changes may be made.



Message #5 received at (full text, mbox, reply):

Package: openssl
Version: 1.1.1~~pre6-2
Severity: important

Dear Maintainer,

Situation:
debian experimental, clean install (docker container), openssl (version 1.1.1, via "install -t experimental)

First command (goes well):
# openssl genrsa -out example.com.key 2048

Second command (goes wrong):
# openssl req -new -x509 -key example.com.key -out example.com.cert -days 3650 -subj /CN=example.com      
Can't load /root/.rnd into RNG
140283178746304:error:2406F079:random number generator:RAND_load_file:Cannot open file:../crypto/rand/randfile.c:88:Filename=/root/.rnd

I would have expected no error.


A "touch /root/.rnd" makes the error go away, but I guess that is not the correct solution?





-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.13.0-041300-generic (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968), LANGUAGE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /usr/bin/dash
Init: unable to detect

Versions of packages openssl depends on:
ii  libc6      2.27-3
ii  libssl1.1  1.1.1~~pre6-2

openssl recommends no packages.

Versions of packages openssl suggests:
ii  ca-certificates  20180409

-- no debconf information





Message #10 received at (full text, mbox, reply):

On 2018-05-12 05:38:05 [+0000], Sander Jonkers wrote:
> Second command (goes wrong):
> # openssl req -new -x509 -key example.com.key -out example.com.cert -days 3650 -subj /CN=example.com      
> Can't load /root/.rnd into RNG
> 140283178746304:error:2406F079:random number generator:RAND_load_file:Cannot open file:../crypto/rand/randfile.c:88:Filename=/root/.rnd
> 
> I would have expected no error.

It does say error, but everything completes as expected, correct?

Sebastian





Message #15 received at (full text, mbox, reply):

On Mon, May 14, 2018 at 11:45 PM, Sebastian Andrzej Siewior wrote:

>
> It does say error, but everything completes as expected, correct?
>

Yes, correct: the cert file is created, despite the error message.


FWIW: with the older openssl 1.1.0  "libssl1.1:amd64 (1.1.0h-2)", there is
no error message with the cert-gen command; the file /root/.rnd is there
after the first openssl key-gen command

root@0e7025a0d9cc:/# openssl version
OpenSSL 1.1.0h  27 Mar 2018


root@0e7025a0d9cc:/# ls -al /root/.rnd
ls: cannot access '/root/.rnd': No such file or directory

root@0e7025a0d9cc:/# openssl genrsa -out example.com.key 2048
Generating RSA private key, 2048 bit long modulus
...............................+++
.....................+++
e is 65537 (0x010001)

root@0e7025a0d9cc:/# ls -al /root/.rnd
-rw------- 1 root root 1024 May 15 05:47 /root/.rnd

root@0e7025a0d9cc:/# openssl req -new -x509 -key example.com.key -out example.com.cert -days 3650 -subj /CN=example.com
root@0e7025a0d9cc:/#


Reply sent to Sebastian Andrzej Siewior <>:
You have taken responsibility. (Mon, 26 Nov 2018 21:30:10 GMT) (full text, mbox, link).


Notification sent to Sander Jonkers <>:
Bug acknowledged by developer. (Mon, 26 Nov 2018 21:30:11 GMT) (full text, mbox, link).


Message #20 received at (full text, mbox, reply):

Version: 1.1.1a-1
On 2018-05-15 07:53:28 [+0200], Sander Jonkers wrote:
> Yes, correct: the cert file is created, despite the error message.
> 
> 
> FWIW: with the older openssl 1.1.0  "libssl1.1:amd64 (1.1.0h-2)", there is
> no error message with the cert-gen command; the file /root/.rnd is there
> after the first openssl key-gen command

and now the error message is gone.

Sebastian



Bug archived. Request was from Debbugs Internal Request <> to . (Tue, 25 Dec 2018 07:31:57 GMT) (full text, mbox, link).




Debian bug tracking system administrator <>. Last modified: Sat Oct 8 15:24:04 2022; Machine Name: buxtehude
