[openssl-users] using a random number file for generation of keys/certificates

Viktor Dukhovni openssl-users at dukhovni.org
Thu Sep 3 18:31:52 UTC 2015

On Thu, Sep 03, 2015 at 11:29:01AM -0700, Kevin Long wrote:

> Can I not use the file directly, as to not rely whatsoever on the OS?s PRNG ?

That would be unwise.  Much too easy to make a mistake and get that
wrong.  The best thing to do with additional entropy sources is to
mix them with existing ones, rather than rely on them exlcusively,
and especially if doing so means clever work-arounds that might go


More information about the openssl-users mailing list