I got this message:
12/23 07:19:16.75  2+1: -- Fork(FSV): 16977 -> 16978
12/23 07:19:16.75  2+1: #### execFilter[FSV]
12/23 07:19:16.78  2+1: HTTP => (cco-tools-dev.cisco.com:443) GET
12/23 07:19:16.78  2+1: #HT11 FORCE HTTP/1.1 or
## SSLway(huele-dsl4) connect failed
16978:error:24064064:random number generator:SSLEAY_RAND_BYTES:PRNG not
seeded:md_rand.c:474:You need to read the OpenSSL FAQ,
16978:error:14098005:SSL routines:SSL3_SEND_CLIENT_KEY_EXCHANGE:bad asn1
12/23 07:19:16.90  2+1: HTTP realy_response: EOF at start
12/23 07:19:16.90  2+1: #HT11 EOF from the server
12/23 07:19:16.90  2+1: #HT11 close svsokcs[19,20]
12/23 07:19:16.91  2+1/1: HCKA: closed -- ?
And check http://www.openssl.org/support/faq.html . Any idea?
1. Why do I get a "PRNG not seeded" error message?
Cryptographic software needs a source of unpredictable
data to work correctly. Many open source operating systems provide a
device" that serves this purpose. On other systems,
applications have to call the RAND_add() or RAND_seed() function with
before generating keys or performing public key
Some broken applications do not do this. As of version
0.9.5, the OpenSSL functions that need randomness report an error if the
number generator has not been seeded with at least 128
bits of randomness. If this error occurs, please contact the author of
you are using. It is likely that it never worked
correctly. OpenSSL 0.9.5 and later make the error visible by refusing to
On systems without /dev/urandom, it is a good idea to use
the Entropy Gathering Demon; see the RAND_egd() manpage for details.
Most components of the openssl command line tool try to
use the file $HOME/.rnd (or $RANDFILE, if this environment variable is
seeding the PRNG. If this file does not exist or is too
short, the "PRNG not seeded" error message may occur.
[Note to OpenSSL 0.9.5 users: The command "openssl rsa" in
version 0.9.5 does not do this and will fail on systems without
when trying to password-encrypt an RSA key! This is a bug
in the library; try a later version instead.]
For Solaris 2.6, Tim Nibbe <tnibbe@sprint..> and others
have suggested installing the SUNski package from Sun patch 105710-01
which adds a /dev/random device and make sure it gets
used, usually through $RANDFILE. There are probably similar patches for
Solaris versions. However, be warned that /dev/random is
usually a blocking device, which may have some effects on OpenSSL.