Mailing List Archive

Thanks John for quick response.
But can you let me know, what should be o/p of this command?
I tried on 2 systems and see below output.

/home/root# openssl rand -hex 8
d2749a6620672899
/home/root#
/home/root# openssl rand -hex 8
d74e404a57e57ae9
/home/root#

Right now, I dont have failed system in handy and so dont know, what should
be the output of above command?


On Wed, Sep 22, 2021 at 11:46 PM Orendt, John
<john.p.orendt@medtronic.com.invalid> wrote:

> Hi
>
>
>
> This may be related to an openssl problem
>
> try
>
>
>
> openssl rand -hex 8
>
>
>
> John Orendt
>
> John.p.orendt@medtronic.com
>
>
>
> *From:* alchemist vk <alchemist.vk@gmail.com>
> *Sent:* Wednesday, September 22, 2021 2:09 PM
> *To:* users@httpd.apache.org
> *Subject:* [EXTERNAL] [users@httpd] Httpd is hanging intermittently
>
>
>
> Hi All,
>
> We are using httpd version 2.4.46 and its working fine for a long time.
> But recently, we started seeing an issue where apache hangs indefinitely
> even when the system is in idle state.
>
> And when apache hangs, I see below entries in error_log:
>
> [Tue Sep 21 22:05:53.243013 2021] [ssl:warn] [pid 5769:tid 2644435888]
> AH01990: Server: PRNG still contains insufficient entropy!
>
> [Tue Sep 21 22:05:54.501476 2021] [ssl:warn] [pid 5769:tid 2787111856]
> AH01990: Server: PRNG still contains insufficient entropy!
>
> [Tue Sep 21 22:05:54.502449 2021] [ssl:warn] [pid 5769:tid 2787111856]
> AH01990: Server: PRNG still contains insufficient entropy!
>
> ...
>
> ....
>
> ....
>
>
>
> I am pretty sure, we not changed anything related to httpd config for
> quite a time time and have no idea, why this issue started getting
> manifested now.
>
> Please help me how to RC this and what logs can be looked to debug further?
>
>
>
> PS: Occurence of issue is more in systems where FIPS is enabled. In FIPS
> disabled systems, occurrence is less.
>
>
>
> With Regards
>
> Venkat
>
>
>
>
>
>
>
>
> [CONFIDENTIALITY AND PRIVACY NOTICE] Information transmitted by this email
> is proprietary to Medtronic and is intended for use only by the individual
> or entity to which it is addressed, and may contain information that is
> private, privileged, confidential or exempt from disclosure under
> applicable law. If you are not the intended recipient or it appears that
> this mail has been forwarded to you without proper authority, you are
> notified that any use or dissemination of this information in any manner is
> strictly prohibited. In such cases, please delete this mail from your
> records. To view this notice in other languages you can either select the
> following link or manually copy and paste the link into the address bar of
> a web browser: http://emaildisclaimer.medtronic.com
>

The output is random bytes in hex.

It looks good.

Sometimes this fails if openssl is unable to write to a temp file

John Orendt
John.p.orendt@medtronic.com

From: alchemist vk <alchemist.vk@gmail.com>
Sent: Wednesday, September 22, 2021 2:26 PM
To: users@httpd.apache.org
Subject: Re: [users@httpd] RE: [EXTERNAL] [users@httpd] Httpd is hanging intermittently

Thanks John for quick response.
But can you let me know, what should be o/p of this command?
I tried on 2 systems and see below output.

/home/root# openssl rand -hex 8
d2749a6620672899
/home/root#
/home/root# openssl rand -hex 8
d74e404a57e57ae9
/home/root#

Right now, I dont have failed system in handy and so dont know, what should be the output of above command?


On Wed, Sep 22, 2021 at 11:46 PM Orendt, John <john.p.orendt@medtronic.com.invalid<mailto:john.p.orendt@medtronic.com.invalid>> wrote:
Hi

This may be related to an openssl problem
try

openssl rand -hex 8

John Orendt
John.p.orendt@medtronic.com<mailto:John.p.orendt@medtronic.com>

From: alchemist vk <alchemist.vk@gmail.com<mailto:alchemist.vk@gmail.com>>
Sent: Wednesday, September 22, 2021 2:09 PM
To: users@httpd.apache.org<mailto:users@httpd.apache.org>
Subject: [EXTERNAL] [users@httpd] Httpd is hanging intermittently

Hi All,
We are using httpd version 2.4.46 and its working fine for a long time. But recently, we started seeing an issue where apache hangs indefinitely even when the system is in idle state.
And when apache hangs, I see below entries in error_log:
[Tue Sep 21 22:05:53.243013 2021] [ssl:warn] [pid 5769:tid 2644435888] AH01990: Server: PRNG still contains insufficient entropy!
[Tue Sep 21 22:05:54.501476 2021] [ssl:warn] [pid 5769:tid 2787111856] AH01990: Server: PRNG still contains insufficient entropy!
[Tue Sep 21 22:05:54.502449 2021] [ssl:warn] [pid 5769:tid 2787111856] AH01990: Server: PRNG still contains insufficient entropy!
...
....
....

I am pretty sure, we not changed anything related to httpd config for quite a time time and have no idea, why this issue started getting manifested now.
Please help me how to RC this and what logs can be looked to debug further?

PS: Occurence of issue is more in systems where FIPS is enabled. In FIPS disabled systems, occurrence is less.

With Regards
Venkat




[CONFIDENTIALITY AND PRIVACY NOTICE] Information transmitted by this email is proprietary to Medtronic and is intended for use only by the individual or entity to which it is addressed, and may contain information that is private, privileged, confidential or exempt from disclosure under applicable law. If you are not the intended recipient or it appears that this mail has been forwarded to you without proper authority, you are notified that any use or dissemination of this information in any manner is strictly prohibited. In such cases, please delete this mail from your records. To view this notice in other languages you can either select the following link or manually copy and paste the link into the address bar of a web browser: http://emaildisclaimer.medtronic.com