Apache2: PRNG still contains insufficient entropy

Question

I have an issue that my website is not served correctly over ssl (only sometimes / by random). When the website is not served I am getting the following record in my apache error log:

[ssl:warn] [pid 1849] AH01990: PRNG still contains insufficient entropy!

Do you have any idea where to search for the issue?

/dev/urandom or /dev/random had a very low entropy level. In my case this issue was related to my virtualisation container. — Daniel K., Apr 24 '17 at 15:21

score 1 · Answer 1 · answered Nov 05 '19 at 23:20

Ensure you have the /dev/urandom fallback specified:

SSLRandomSeed startup builtin
SSLRandomSeed startup "file:/dev/urandom" 1024
SSLRandomSeed connect builtin
SSLRandomSeed connect "file:/dev/urandom"  1024

And ensure you have a random entropy seeding application like haveged or rng-tools installed.

Apache will then fall back to using /dev/urandom when its builtin has insufficient entropy.

Apache2: PRNG still contains insufficient entropy

1 Answers1