Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Docs: setup HW entropy for TLS

See original GitHub issue

Sometimes at boot time happens this error in connection to crossbar (wss://). But after boot if I try to restart my service, it works fine.

Autobahn v18.10.1 Python 3.5.3

2018-11-22 16:10:41.398 474 INFO autobahn.asyncio.component.Component [-] connecting once using transport type "websocket" over endpoint "tcp"
2018-11-22 16:10:41.408 474 ERROR asyncio [-] Fatal error on SSL transport
protocol: <asyncio.sslproto.SSLProtocol object at 0x755234f0>
transport: <_SelectorSocketTransport closing fd=8 read=idle write=<idle, bufsize=0>>: ssl.SSLError: getrandom() initialization failed. (_ssl.c:720)
2018-11-22 16:10:41.408 474 ERROR asyncio Traceback (most recent call last):
2018-11-22 16:10:41.408 474 ERROR asyncio   File "/usr/lib/python3.5/asyncio/sslproto.py", line 635, in _process_write_backlog
2018-11-22 16:10:41.408 474 ERROR asyncio     self._on_handshake_complete)
2018-11-22 16:10:41.408 474 ERROR asyncio   File "/usr/lib/python3.5/asyncio/sslproto.py", line 135, in do_handshake
2018-11-22 16:10:41.408 474 ERROR asyncio     ssldata, appdata = self.feed_ssldata(b'', only_handshake=True)
2018-11-22 16:10:41.408 474 ERROR asyncio   File "/usr/lib/python3.5/asyncio/sslproto.py", line 201, in feed_ssldata
2018-11-22 16:10:41.408 474 ERROR asyncio     self._sslobj.do_handshake()
2018-11-22 16:10:41.408 474 ERROR asyncio   File "/usr/lib/python3.5/ssl.py", line 641, in do_handshake
2018-11-22 16:10:41.408 474 ERROR asyncio     self._sslobj.do_handshake()
2018-11-22 16:10:41.408 474 ERROR asyncio ssl.SSLError: getrandom() initialization failed. (_ssl.c:720)
2018-11-22 16:10:41.408 474 ERROR asyncio
2018-11-22 16:10:41.418 474 INFO autobahn.asyncio.component.Component [-] Connection failed: SSLError: getrandom() initialization failed. (_ssl.c:720)

Any suggestion?

Issue Analytics

State:
Created 5 years ago
Comments:9 (8 by maintainers)

Top GitHub Comments

1reaction

ofekpcommented, Mar 29, 2019

For me, simply installing rng-tools resolved the issue. sudo apt-get install rng-tools

0reactions

oberstetcommented, Nov 23, 2018

thanks for reporting back! we’ll add it to the docs (hence I reopen this issue)

Top Results From Across the Web

Porting the non-volatile (NV) seed — Mbed TLS documentation

This feature can be used in addition to a hardware entropy source as well, however, it is not mandatory as the hardware entropy...

Entropy sources - Porting | Mbed OS 6 Documentation

How to add an entropy source · Implement the functions declared in hal/trng_api.h to let Mbed TLS access the device's entropy source. ·...

How to Setup Additional Entropy for Cloud Servers Using ...

For example, let's say you have a cloud server running the following daemons (all using SSL/TLS or block ciphers):. Web Server; Incoming/ ...

Managing system entropy - PingAuthorize - 9.1 - Documentation

Some environments with low entropy might experience intermittent performance issues with SSL-based communication, such as certificate generation. This scenario ...

Handling of Random Number Generation and Validation ... - IBM

Random Number Generation (RNG) in z/VM® is handled at the hardware level, ... Validating the entropy used by the z/VM TLS Server requires...