[Help-gnutls] Re: Alternate random device for certtool

Simon Josefsson simon at josefsson.org
Thu Nov 27 19:01:19 CET 2008

"Teran McKinney" <sega01 at gmail.com> writes:

> Hey,
> I am using Gnutls 2.6.2, but have had no luck generating certificates
> with certtool. I found that it uses /dev/random instead of
> /dev/urandom, which is too slow on my systems. I could try to produce
> more entropy, but I would prefer to use /dev/urandom. The man page
> indicates that certtool uses /dev/urandom by default, due to the
> --disable-quick-random option, however it is acting as the default.
> Could this be a bug, or is there a way to specify an alternative device file?

This is a mostly a libgcrypt issue.  Which libgcrypt version are you
using?  With recent libgcrypt, I believe GnuTLS certtool uses
/dev/urandom, like Daniel explained.


More information about the Gnutls-help mailing list