如何让 OpenSSL 在 Windows Vista 上写入 RANDFILE?
当我运行时:
openssl genrsa -out mykey.key 2048
我收到以下错误:
unable to write 'random state'
e is 65537 (0x10001)
我的谷歌搜索表明这是某种 Vista 权限问题。我如何允许 Vista 写入此文件,或者如何配置 openssl 来绕过它?
When I run:
openssl genrsa -out mykey.key 2048
I get the following error:
unable to write 'random state'
e is 65537 (0x10001)
My googling suggests this is some kind of Vista permissions issue. How can I allow Vista to write this file or how can I configure openssl to get round it?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(5)
根本问题是 OpenSSL 配置文件中的 RANDFILE 变量在 Windows 上被忽略。这是一个长期存在的问题,并且仍在继续从 OpenSSL v1.0a 版本开始就存在,无论目标 Windows 平台是 x86 还是 x64。
不过,有一个非常简单的解决方案。仅使用常规环境变量来设置 RANDFILE 值,例如
因为该值是短暂的,所以必须为每个新的 DOS 框重新发出它,或者在批处理文件中编写脚本。
The root issue is that the RANDFILE variable in the OpenSSL configuration file is ignored on Windows. This has been a long-standing problem that continues to exist as of the OpenSSL v1.0a release, regardless of whether the target Windows platform is x86 or x64.
There is a delightfully simple solution, though. Merely use a regular environmental var to set the RANDFILE value, like
Because this value is ephemeral, it must be re-issued for every new DOS box, or scripted in a batch file.
我发现这可能会有所帮助:使用 OpenSSL 的作用是“无法写入“随机状态””是什么意思?
另外,这里: http://adamyoung.net/OpenSSL-unable-to-write-random-state
这里有一个建议
找到cmd.exe的位置,右键以管理员身份运行
I found this that might help: Using OpenSSL what does "unable to write 'random state'" mean?
also, here: http://adamyoung.net/OpenSSL-unable-to-write-random-state
there is a suggestion here http://www.mail-archive.com/[email protected]/msg51344.html on how to get it working in vista.
find the location of cmd.exe, right click and run as administrator
我有同样的问题,但对于 Windows 7。很容易解决,我创建了一个名为 HOME 的系统环境变量,并将其设置为我想要 .rnd 文件的目录。这解决了问题,因为 OpenSSL 不知道我的 .rnd 文件在哪里是(因为我没有),如果要创建它,它不知道该把它放在哪里。一旦我使用目录设置了环境变量 HOME(c:\ 就可以了!),我就在 OpenSSL 中重新运行了密钥生成,它立即开始工作。为了验证,我检查了我创建的密钥,它有正确的内容。我还检查了我设置 HOME 环境变量的目录,你瞧,那里有一个 .rnd 文件!希望这对某人有帮助:-)
I had the same issue but for Windows 7. Easily solved, I created a system Environment Variable called HOME and set it to the directory I wanted my .rnd file in. This solved the issue because OpenSSL didn't know where my .rnd file was (because I didn't have one) and it didn't know where to put it if it was to create it. As soon as I set my environment variable HOME with a directory (c:\ is fine!) I reran my key generation in OpenSSL and it worked straight off. To verify, I checked the key I had created and it had proper content. I also checked the directory I set my HOME environment variable to, and lo and behold a .rnd file was sat there! Hope this helps someone :-)
将
HOME变量添加到环境变量中。Add a
HOMEvariable into your environment variables.问题是脚本缺少某些访问权限或找不到文件。
解决方案:
创建一个名为 RANDFILE 和值 %USERPROFILE%.rnd 的系统变量,
请注意 %USERPROFILE% 是一个系统变量它会自动插入您的用户配置文件的路径。
The issue is that the script is missing some access rights or cant find the file.
The solution:
Create a system variable with the name RANDFILE and the value %USERPROFILE%.rnd
Notice the %USERPROFILE%, is a system variable that automatic inserts the path to your user profile.