NetOps SslConfig hangs on: Performing: Certificate Changes
Article ID: 398980
Updated On:
Products
Issue/Introduction
If you are using NetOps SslConfig and the tool stops and stalls on the step:
Performing: Certificate Changes
Environment
NetOps 23.3.x+
Cause
While running SslConfig, java asks the CPU for random data to help with encryption duties. Sometimes the CPU cannot provide that data by default.
Resolution
We need to install and start RNGD:
yum install rng-tools
systemctl start rngd
This should allow SslConfig to complete.
Additional Information
What is the RNGD service in Linux?
Random number generators are one of the most important building blocks of cryptosystems. The rngd service feeds random data from hardware device to kernel random device. Quality (nonpredictable) random number generation is important for several security functions (i.e., ciphers).
service rngd start
NOTE: rng-tools is currently not a required package for the installation. However, for systems where little UI activity happens (aka headless VMs), there is little data being generated like mouse movements, etc to generate random data for /dev/random for things like SALT generation for encryption.
Feedback
