使用OpenSSL，“无法写入'随机状态'"是什么?意思是? [英] Using OpenSSL what does "unable to write 'random state'" mean?

问题描述

我正在生成一个自签名SSL证书来保护服务器的admin部分，并且不断从OpenSSL收到此消息:

I'm generating a self-signed SSL certificate to protect my server's admin section, and I keep getting this message from OpenSSL:

无法写入随机状态"

unable to write 'random state'

这是什么意思?

这是在Ubuntu服务器上.我已经升级了libssl以修复最近的安全漏洞.

This is on an Ubuntu server. I have upgraded libssl to fix the recent security vulnerability.

推荐答案

在实践中，发生这种情况的最常见原因似乎是您的主目录中的.rnd文件是root拥有的，而不是您的帐户拥有的.快速修复:

In practice, the most common reason for this happening seems to be that the .rnd file in your home directory is owned by root rather than your account. The quick fix:

sudo rm ~/.rnd

有关更多信息，请参见 OpenSSL常见问题解答:

For more information, here's the entry from the OpenSSL FAQ:

有时候，openssl命令行实用程序不会因显示"PRNG not seed"错误消息而中止，但抱怨它无法写入'随机状态'".此消息引用默认的种子文件(请参阅上一个答案).可能的原因是，由于既未设置RANDFILE也未设置HOME，因此默认文件名未知. (在这种情况下，版本0.9.6之前的版本在当前目录中使用文件".rnd"，但在0.9.6a中已更改.)

Sometimes the openssl command line utility does not abort with a "PRNG not seeded" error message, but complains that it is "unable to write 'random state'". This message refers to the default seeding file (see previous answer). A possible reason is that no default filename is known because neither RANDFILE nor HOME is set. (Versions up to 0.9.6 used file ".rnd" in the current directory in this case, but this has changed with 0.9.6a.)

因此，我将检查RANDFILE，HOME和写入文件系统中那些位置的权限.

So I would check RANDFILE, HOME, and permissions to write to those places in the filesystem.

如果一切似乎都正常，则可以尝试使用 strace 进行运行，然后看看到底是什么正在继续.

If everything seems to be in order, you could try running with strace and see what exactly is going on.

这篇关于使用OpenSSL，“无法写入'随机状态'"是什么?意思是?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！