Ensure RANDFILE exists prior to usage

OpenSSL complains if the RANDFILE does not exist when it is generating certificates. Create an initial seed for this file from urandom. Signed-off-by: George T Kramer <george.t.kramer@intel.com>
2026-04-28 11:03:50 +00:00 · 2018-11-14 12:13:13 -08:00
parent bdee352232
commit 3da7b00bbd
1 changed files with 3 additions and 1 deletions
--- a/koji-setup/deploy-koji.sh
+++ b/koji-setup/deploy-koji.sh
@@ -23,11 +23,13 @@ swupd bundle-add koji || true
 ## SETTING UP SSL CERTIFICATES FOR AUTHENTICATION
 KOJI_PKI_DIR=/etc/pki/koji
 mkdir -p "$KOJI_PKI_DIR"/{certs,private}
+RANDFILE=$KOJI_PKI_DIR/.rand
+dd if=/dev/urandom of="$RANDFILE" bs=256 count=1

 # Certificate generation
 cat > "$KOJI_PKI_DIR"/ssl.cnf <<- EOF
 HOME                    = $KOJI_PKI_DIR
-RANDFILE                = $KOJI_PKI_DIR/.rand
+RANDFILE                = $RANDFILE

 [ca]
 default_ca              = ca_default