Seed the OpenSSL random number generator

The OpenSSL library is used to to encrypt DataSource and RTTP connections in C-based DataSource applications (including Liberator and Transformer). OpenSSL uses its own pseudo random number generator (PRNG), seeded on startup from a source of random data provided by the operating system.

On Linux, the PRNG is seeded from the non-blocking device file /dev/urandom. On Microsoft Windows, the PRNG is seeded from CryptGenRandom and other sources of entropy. Source: Seeds in Random Numbers on the OpenSSL Wiki.

If the standard sources of entropy used to automatically seed OpenSSL’s PRNG do not comply with your organisation’s security policy, the ssl-random-seed configuration item provides you with the flexibility to seed OpenSSL’s PRNG with a specific source of entropy.

For more information, see:

  • Liberator: ssl-random-seed

  • DataSource: ssl-random-seed

Add the configuration to the appropriate overrides file in the Deployment Framework:

  • Liberator: <Framework-root>/global_config/overrides/servers/Liberator/etc/rttpd.conf

  • Transformer: <Framework-root>/global_config/overrides/servers/Transformer/etc/transformer.conf

  • Adapter blade: <Framework-root>/global_config/overrides/<AdapterBladeName>/DataSource/etc/<AdapterName>.conf

See also: