search cancel

Error : Unable to obtain OS random data in Windows Policy Server logs

book

Article ID: 36823

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On SITEMINDER

Issue/Introduction

 

Trying to start the Policy Server on Windows, this one does not start and reports an error:    

  [5588/5404][Wed Jun 17 2015 14:53:10][CCrypto.cpp:749][ERROR] Unable to obtain OS random data
  [5588/5404][Wed Jun 17 2015 14:53:10][CCrypto.cpp:700][ERROR] Unable to seed random number generator
  [5588/5404][Wed Jun 17 2015 14:53:10][CCrypto.cpp:174][ERROR] Unable to initialize random number subsystem
  [5588/5404][Wed Jun 17 2015 14:53:10][CServer.cpp:3784][ERROR] Unable to initialize crypto subsystem

 

Environment

 

All Policy Server versions on Windows;

 

Resolution

 

Check the account used for starting and stopping the Policy Server on Windows.

This account should have permission to access the CryptSvc (Cryptographic Services) service on Windows through those functions CryptAcquireContextA (1), CryptGenRandom (2), and CryptReleaseContext (3).

 

Additional Information

 

(1)

    CryptAcquireContextA function (wincrypt.h)
    

(2)

    CryptGenRandom function (wincrypt.h)
   

(3)

    CryptReleaseContext function (wincrypt.h)