windows - How to fix "unable to write 'random state' " in openssl

Question

While generating the private key using this command

genrsa -out my-prvkey.pem 1024

It throws the error like below

Loadind 'screen' into random state -done Generating RSA private key,1024 bit long modulus .........................................+++++++ ...........................+++++++++ unable to write 'random state' e is 65537 (0*10001)

This makes any problem while creating a public certificate. I'm running this command in windows. Can anyone help me for the fix?

Answer 1

The quickest solution is: set environment variable RANDFILE to path where the 'random state' file can be written (of course check the file access permissions), eg. in your command prompt:

set RANDFILE=C:MyDir.rnd
openssl genrsa -out my-prvkey.pem 1024

More explanations: OpenSSL on Windows tries to save the 'random state' file in the following order:

1. Path taken from RANDFILE environment variable
2. If HOME environment variable is set then : ${HOME}.rnd
3. C:.rnd

I'm pretty sure that in your case it ends up trying to save it in C:.rnd (and it fails because lack of sufficient access rights). Unfortunately OpenSSL does not print the path that is actually tries to use in any error messages.