error message during creation of a CSR

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

error message during creation of a CSR

Thomas Schachtner
Hi group,

I have a problem with openssl giving an error message when creating a CSR.
The command line I am using is:

/usr/bin/openssl req -passout pass:test -keyout
/srv/www/vhosts/ipsec/certs/test.pem -out
/srv/www/vhosts/ipsec/certs/test.pem -rand /dev/urandom -days 365 -new
-subj "/C=xx/ST=xxxx/L=xxxxx/O=xxxxx/CN=xxxx
xxxx/emailAddress=[hidden email]"

(I also tried this command without the -rand parameter and some other
file with random data as -rand parameter e. g. /tmp/.rnd.tmp)
Everyone has full access to all the directories I specify on the command
line.

When I execute this command on the BASH shell, the output is as expected
(between ---***---):

---***---
Generating a 1024 bit RSA private key
......................................++++++
........................++++++
writing new private key to '/srv/www/vhosts/ipsec/certs/test.pem'
-----
---***---

But when the same commands are executed by a PHP script using PHP's
system() function or PHP's exec() function, following messages are
appended to the web server's error log output:

---***---
Generating a 1024 bit RSA private key
.................++++++
.........................++++++
unable to write 'random state'
writing new private key to '/srv/www/vhosts/ipsec/certs/test.pem'
-----
---***---

The CSR file is there, but the message "unable to write 'random state'
annoys me a little bit.
I already tried to find a solution on the Internet, but there was
nothing appropriate. I also reatd the FAQ entry regarding this error
message, but the information provided there did not solve my problem....
Maybe anoyone out there knows the reason for this message and also knows
how to fix it...

Thanks,
Thomas

smime.p7s (6K) Download Attachment