Subject: Re: Unable to enable RSA blinding
To: None <tech-pkg@NetBSD.org>
From: D'Arcy J.M. Cain <darcy@NetBSD.org>
List: tech-pkg
Date: 05/21/2004 09:48:32
On Wed, 19 May 2004 16:13:35 -0400
"D'Arcy J.M. Cain" <darcy@NetBSD.org> wrote:
> I cannot make the latest version of mod-ssl (ap-ssl in pkgsrc) work. 
> I keep getting the following error.
> 
> [Tue May 18 21:00:50 2004] [error] mod_ssl: Init:
> (panther.givex.com:443) Unable to enable RSA blinding (probably PRNG
> failure) (OpenSSL library error follows)
> [Tue May 18 21:00:50 2004] [error] OpenSSL:
> error:1E064022:lib(30):func(100):reason(34)
> 
> It happens with apache-1.3.29 and apache-1.3.31 and it happens with
> 2.0E and 1.6.2 release.  I have reinstalled openssl, apache and ap-ssl
> a number of times and still get this error.  I thought that there
> might be an entropy problem but the error happens whether I use
> builtin,/dev/random or /dev/urandom.  In any case, it doesn't block,
> it fails pretty much right away.  It happens on self-signed certs and
> regular CA issued certs.
> 
> I have searched the web and no one else seems to have this problem but
> I can't figure out what I am doing wrong.  Can someone provide some
> hints for further exploration?

This is so weird.  It happens to me on different versions of NetBSD with
the latest pkgsrc and no where else.  Not one person has responded and a
search of the net finds no one else even experiencing the problem.  Am I
really the only one that has ever seen this?  Please, has anyone even
seen this problem and can I get any hints whatsoever?  I tried following
(and continue to follow) the code back from where this error is printed
but I can't see why my environment is any different than everyone else
in the world.

-- 
D'Arcy J.M. Cain <darcy@NetBSD.org>
http://www.NetBSD.org/