Fixed error message from openssl v1.1.1 by sergiovp · Pull Request #3413 · wazuh/wazuh

sergiovp · 2019-05-29T10:40:13Z

Related issue
#3395

Description

We descovered that we got an error message during Wazuh manager installation in Ubuntu 18.

Can't load /root/.rnd into RNG
139871618495552:error:2406F079:random number generator:RAND_load_file:Cannot open file:../crypto/rand/randfile.c:88:Filename=/root/.rnd

The error is due OpenSSL version, concretly v1.1.1. This error is fixed by OpenSSL in v1.1.1a.

Despite de error message, OpenSSL works well. It generates diferent keys and certificates values, so we have just ignored the error message.

At /wazuh/src/init/ we have changed GenerateAuthCert function at inst-functions.sh file, adding 2>/dev/null when the key and certicate is created.

Logs/Alerts example

As we can see in the next picture, we have de error message.

Setting up wazuh-manager (3.9.1-1) ...
Can't load /root/.rnd into RNG
139871618495552:error:2406F079:random number generator:RAND_load_file:Cannot open file:../crypto/rand/randfile.c:88:Filename=/root/.rnd
Generating a RSA private key
.......+++++
.......................................+++++
writing new private key to '/var/ossec/etc/sslmanager.key'
-----

Afer the error fix, we don't see the message error.

Configurando wazuh-manager (3.10.0-0) ...
Generating a 2048 bit RSA private key
.....................................................................................................+++
.................................................................................+++
writing new private key to '/var/ossec/etc/sslmanager.key'
-----

Tests

Compilation without warnings in every supported platform
- Linux
- Windows (not aplicable)
- MAC OS X (not aplicable)
Source installation
Package installation
Source upgrade (not aplicable)
Package upgrade (not aplicable)
Memory tests
- Valgrind report for affected components (not aplicable)
- CPU impact (not aplicable)
- RAM usage impact (not aplicable)
Retrocompatibility with older Wazuh versions (not aplicable)
Working on cluster enviroments (not aplicable)
Configuration on demand reports new parameters (not aplicable)
Review logs syntax and correct language
QA templates contemplate the added capabilities (not aplicable)

vikman90

LGTM!

alberpilot

LGTM!

vikman90 · 2019-06-03T13:05:32Z

Closed accidentally.

Fixed error message from openssl v1.1.1

b0ce31d

vikman90 requested review from alberpilot and vikman90 May 29, 2019 11:02

vikman90 self-assigned this May 29, 2019

vikman90 approved these changes May 29, 2019

View reviewed changes

alberpilot approved these changes May 29, 2019

View reviewed changes

druizz90 closed this Jun 3, 2019

vikman90 reopened this Jun 3, 2019

vikman90 merged commit b508270 into 3.10 Jun 3, 2019

vikman90 deleted the fix-3395-openssl-cert branch June 3, 2019 13:07

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fixed error message from openssl v1.1.1#3413

Fixed error message from openssl v1.1.1#3413
vikman90 merged 1 commit into3.10from
fix-3395-openssl-cert

sergiovp commented May 29, 2019 •

edited

Loading

Uh oh!

vikman90 left a comment

Uh oh!

alberpilot left a comment

Uh oh!

vikman90 commented Jun 3, 2019

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

Conversation

sergiovp commented May 29, 2019 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Description

Logs/Alerts example

Tests

Uh oh!

vikman90 left a comment

Choose a reason for hiding this comment

Uh oh!

alberpilot left a comment

Choose a reason for hiding this comment

Uh oh!

vikman90 commented Jun 3, 2019

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

sergiovp commented May 29, 2019 •

edited

Loading