How to fix "unable to write 'random state' " in openssl

While generating the private key using this command

genrsa -out my-prvkey.pem 1024

It throws the error like below

Loadind 'screen' into random state -done Generating RSA private key,1024 bit long modulus .........................................+++++++ ...........................+++++++++ unable to write 'random state' e is 65537 (0*10001)

This makes any problem while creating a public certificate. I'm running this command in windows. Can anyone help me for the fix?

113873 次浏览
小开

The quickest solution is: set environment variable RANDFILE to path where the 'random state' file can be written (of course check the file access permissions), eg. in your command prompt:

set RANDFILE=C:\MyDir\.rnd
openssl genrsa -out my-prvkey.pem 1024

More explanations: OpenSSL on Windows tries to save the 'random state' file in the following order:

  1. Path taken from RANDFILE environment variable
  2. If HOME environment variable is set then : ${HOME}\.rnd
  3. C:\.rnd

I'm pretty sure that in your case it ends up trying to save it in C:\.rnd (and it fails because lack of sufficient access rights). Unfortunately OpenSSL does not print the path that is actually tries to use in any error messages.

小开

It may also be that you need to run the console as an administrator. On windows 7, hold ctrl+shift when you launch the console window.

小开

just enter this line in the command line :

set RANDFILE=.rnd
小开

Or this in windows powershell

$env:RANDFILE=".rnd"
小开

I did not find where the .rnd file is so I ran the cmd as administrator and it worked like a charm.

小开

提交答案