Cant load .rnd into RNG

dehydrated-io / dehydrated

letsencrypt/acme client implemented as a shell-script – just add water

https://dehydrated.io

MIT License

5.97k stars 717 forks source link

Cant load .rnd into RNG #691

Closed loewexy closed 4 years ago

loewexy commented 4 years ago

If I run dehydrated in cron mode and it is generating a CSR it throws the following error.

+ Signing domains...
 + Generating private key...
 + Generating signing request...
Can't load /root/.rnd into RNG
140303236821440:error:2406F079:random number generator:RAND_load_file:Cannot open file:../crypto/rand/randfile.c:88:Filename=/root/.rnd

I am not sure if this is a problem and where it comes from. Google just leads to some odd openssl options for which I do not know if dehydrated uses them.

lukas2511 commented 4 years ago

This should be an issue with your systems openssl/libressl config, nothing directly related to dehydrated. I can't really help you with that.

propointaws commented 4 years ago

For anyone else having this issue, see https://github.com/openssl/openssl/issues/7754.

TLDR, comment or remove the RANDFILE variable from your openssl config file, at /usr/lib/ssl/openssl.cnf in Ubuntu.