Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fixed error message from openssl v1.1.1 #3413

Merged
merged 1 commit into from
Jun 3, 2019
Merged

Conversation

sergiovp
Copy link
Contributor

@sergiovp sergiovp commented May 29, 2019

Related issue
#3395

Description

We descovered that we got an error message during Wazuh manager installation in Ubuntu 18.

Can't load /root/.rnd into RNG
139871618495552:error:2406F079:random number generator:RAND_load_file:Cannot open file:../crypto/rand/randfile.c:88:Filename=/root/.rnd

The error is due OpenSSL version, concretly v1.1.1. This error is fixed by OpenSSL in v1.1.1a.

Despite de error message, OpenSSL works well. It generates diferent keys and certificates values, so we have just ignored the error message.

At /wazuh/src/init/ we have changed GenerateAuthCert function at inst-functions.sh file, adding 2>/dev/null when the key and certicate is created.

Logs/Alerts example

As we can see in the next picture, we have de error message.

Setting up wazuh-manager (3.9.1-1) ...
Can't load /root/.rnd into RNG
139871618495552:error:2406F079:random number generator:RAND_load_file:Cannot open file:../crypto/rand/randfile.c:88:Filename=/root/.rnd
Generating a RSA private key
.......+++++
.......................................+++++
writing new private key to '/var/ossec/etc/sslmanager.key'
-----

Afer the error fix, we don't see the message error.

Configurando wazuh-manager (3.10.0-0) ...
Generating a 2048 bit RSA private key
.....................................................................................................+++
.................................................................................+++
writing new private key to '/var/ossec/etc/sslmanager.key'
-----

Tests

  • Compilation without warnings in every supported platform
    • Linux
    • Windows (not aplicable)
    • MAC OS X (not aplicable)
  • Source installation
  • Package installation
  • Source upgrade (not aplicable)
  • Package upgrade (not aplicable)
  • Memory tests
    • Valgrind report for affected components (not aplicable)
    • CPU impact (not aplicable)
    • RAM usage impact (not aplicable)
  • Retrocompatibility with older Wazuh versions (not aplicable)
  • Working on cluster enviroments (not aplicable)
  • Configuration on demand reports new parameters (not aplicable)
  • Review logs syntax and correct language
  • QA templates contemplate the added capabilities (not aplicable)

@vikman90 vikman90 requested review from vikman90 and alberpilot May 29, 2019 11:02
@vikman90 vikman90 self-assigned this May 29, 2019
Copy link
Member

@vikman90 vikman90 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

Copy link
Contributor

@alberpilot alberpilot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@druizz90 druizz90 closed this Jun 3, 2019
@vikman90
Copy link
Member

vikman90 commented Jun 3, 2019

Closed accidentally.

@vikman90 vikman90 reopened this Jun 3, 2019
@vikman90 vikman90 merged commit b508270 into 3.10 Jun 3, 2019
@vikman90 vikman90 deleted the fix-3395-openssl-cert branch June 3, 2019 13:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants