Date:      Sun, 11 Nov 2007 18:47:22 +0000
From:      RW <fbsd06@mlists.homeunix.com>
To:        freebsd-questions@freebsd.org
Subject:   Re: ' Openssl.cnf ' and ' .rand ' file
Message-ID:  <20071111184722.5d260114@gumby.homeunix.com.>
In-Reply-To: <846921.73269.qm@web34404.mail.mud.yahoo.com>
References:  <846921.73269.qm@web34404.mail.mud.yahoo.com>

On Sat, 10 Nov 2007 11:22:10 -0800 (PST)
White Hat <pigskin_referee@yahoo.com> wrote:

> openssl 0.9.7e-p1 25 Oct 2004
> 
> I have not been able to find an answer to this question on Google, so
> I figured I had better ask it here. 
> In the '/etc/ssl/openssl.cnf' file, there is an entry for:
>  
>     RANDFILE    = $dir/private/.rand    # private random number file
>  
> Well, that file does not exist. I cannot find it anywhere on my
> system and I have not been able to figure out how to create it. 

It's in the CA section so it's only used if you are signing keys.

Normally openssl reads and writes entropy to ~/.rnd, which it creates
itself. I guess the above setting is just there to allow a different
file for signing - perhaps in a more secure location. I would think
these files are normally redundant since FreeBSD manages entropy itself.
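
Added example, not part of the original message and not OpenSSL's own code: a Python script that lists every RANDFILE entry in an openssl.cnf by section, expands `$dir` and `$ENV::HOME`, and reports whether each seed file exists and is private to its owner. The sample config is constructed for the example, the names `find_randfiles` and `audit` are hypothetical, and the owner-only permission check is an assumption about what a "more secure location" should mean.

```python
import os
import re
import stat

# Constructed sample modelled on the layout discussed in the thread; not a real system's file.
SAMPLE_CNF = """\
HOME            = .
RANDFILE        = $ENV::HOME/.rnd

[ ca ]
default_ca      = CA_default

[ CA_default ]
dir             = ./demoCA
RANDFILE        = $dir/private/.rand    # private random number file
"""

def find_randfiles(cnf_text, env=None):
    """Return [(section, resolved_path)] for every RANDFILE entry, in file order."""
    env = os.environ if env is None else env
    section, values, found = "default", {"default": {}}, []
    for raw in cnf_text.splitlines():
        line = raw.split("#", 1)[0].strip()          # drop comments
        m = re.fullmatch(r"\[\s*(\w+)\s*\]", line)   # section header, e.g. [ CA_default ]
        if m:
            section = m.group(1)
            values.setdefault(section, {})
            continue
        if "=" not in line:
            continue
        key, val = (p.strip() for p in line.split("=", 1))
        def expand(ref):
            # Handles $name, ${name} and $ENV::name only (not $section::name).
            name = ref.group(1)
            if name.startswith("ENV::"):
                return env.get(name[5:], "")
            return values[section].get(name, values["default"].get(name, ""))
        val = re.sub(r"\$\{?((?:ENV::)?\w+)\}?", expand, val)
        values[section][key] = val
        if key == "RANDFILE":
            found.append((section, val))
    return found

def audit(path):
    """Return 'missing', 'ok' (owner-only access) or 'too-permissive (<mode>)'."""
    try:
        mode = stat.S_IMODE(os.stat(path).st_mode)
    except FileNotFoundError:
        return "missing"   # what the original poster observed for the CA seed file
    return "ok" if mode & 0o077 == 0 else "too-permissive (%o)" % mode
```
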


