How to fix "unable to write 'random state' " in openssl

While generating the private key using this command

genrsa -out my-prvkey.pem 1024

It throws the error like below

Loadind 'screen' into random state -done Generating RSA private key,1024 bit long modulus .........................................+++++++ ...........................+++++++++ unable to write 'random state' e is 65537 (0*10001)

This makes any problem while creating a public certificate. I'm running this command in windows. Can anyone help me for the fix?


Solution 1:

The quickest solution is: set environment variable RANDFILE to path where the 'random state' file can be written (of course check the file access permissions), eg. in your command prompt:

set RANDFILE=C:\MyDir\.rnd
openssl genrsa -out my-prvkey.pem 1024

More explanations: OpenSSL on Windows tries to save the 'random state' file in the following order:

  1. Path taken from RANDFILE environment variable
  2. If HOME environment variable is set then : ${HOME}\.rnd
  3. C:\.rnd

I'm pretty sure that in your case it ends up trying to save it in C:\.rnd (and it fails because lack of sufficient access rights). Unfortunately OpenSSL does not print the path that is actually tries to use in any error messages.

Solution 2:

It may also be that you need to run the console as an administrator. On windows 7, hold ctrl+shift when you launch the console window.

Solution 3:

just enter this line in the command line :

set RANDFILE=.rnd

Solution 4:

Or this in windows powershell

$env:RANDFILE=".rnd"

Solution 5:

I did not find where the .rnd file is so I ran the cmd as administrator and it worked like a charm.