ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Error : Unable to obtain OS random data in Windows Policy Server logs

book

Article ID: 36823

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On SITEMINDER

Issue/Introduction

 

Trying to start the Policy Server on Windows, this one does not start
and report error :

  [5588/5404][Wed Jun 17 2015 14:53:10][CCrypto.cpp:749][ERROR] Unable to obtain OS random data
  [5588/5404][Wed Jun 17 2015 14:53:10][CCrypto.cpp:700][ERROR] Unable to seed random number generator
  [5588/5404][Wed Jun 17 2015 14:53:10][CCrypto.cpp:174][ERROR] Unable to initialize random number subsystem
  [5588/5404][Wed Jun 17 2015 14:53:10][CServer.cpp:3784][ERROR] Unable to initialize crypto subsystem

Environment

 

All Policy Server versions on Windows;

 

Resolution

 

Check the account used for the starting and stopping the Policy Server
on Windows. This account should have permissions to access the
CryptSvc (Cryptographic Services) service on Windows through those
functions CryptAcquireContextA (1), CryptGenRandom (2) and
CryptReleaseContext (3).

 

Additional Information

 

(1)

    CryptAcquireContextA function (wincrypt.h)
    https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-cryptacquirecontexta

(2)

    CryptGenRandom function (wincrypt.h)
    https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-cryptgenrandom

(3)

    CryptReleaseContext function (wincrypt.h)
    https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-cryptreleasecontext