On Wed, 19 May 2004 16:13:35 -0400
"D'Arcy J.M. Cain" <darcy@NetBSD.org> wrote:
> I cannot make the latest version of mod-ssl (ap-ssl in pkgsrc) work. 
> I keep getting the following error.
> 
> [Tue May 18 21:00:50 2004] [error] mod_ssl: Init:
> (panther.givex.com:443) Unable to enable RSA blinding (probably PRNG
> failure) (OpenSSL library error follows)
> [Tue May 18 21:00:50 2004] [error] OpenSSL:
> error:1E064022:lib(30):func(100):reason(34)
> 
> It happens with apache-1.3.29 and apache-1.3.31 and it happens with
> 2.0E and 1.6.2 release.  I have reinstalled openssl, apache and ap-ssl
> a number of times and still get this error.  I thought that there
> might be an entropy problem but the error happens whether I use
> builtin,/dev/random or /dev/urandom.  In any case, it doesn't block,
> it fails pretty much right away.  It happens on self-signed certs and
> regular CA issued certs.

I have tried Apache2 which doesn't seem to have this problem. 
Unfortunately it also doesn't have mod-python and mod-auth-postgresql
packages.

I went back to Apache 1 after the bump to mod-ssl 2.8.18 but that didn't
help.  I can't believe I am the only one seeing this on every machine
(1.6 -current as well as 2.0BETA) and yet no one has answered that they
even see the problem.  I wrote to the mod-ssl mailing list but no answer
there either.

Clues, hair brained or otherwise, happily accepted.  Alternatively if
someone could get PR pkg/21720 working and into pkgsrc I might be able
to live without the Python module in Apache2 for now.

-- 
D'Arcy J.M. Cain <darcy@NetBSD.org>
http://www.NetBSD.org/