83

While generating the private key using this command

genrsa -out my-prvkey.pem 1024

It throws the error like below

Loadind 'screen' into random state -done Generating RSA private key,1024 bit long modulus .........................................+++++++ ...........................+++++++++ unable to write 'random state' e is 65537 (0*10001)

This makes any problem while creating a public certificate. I'm running this command in windows. Can anyone help me for the fix?

Sibeesh Venu
  • 18,755
  • 12
  • 103
  • 140
arok
  • 1,795
  • 7
  • 27
  • 56

6 Answers6

125

The quickest solution is: set environment variable RANDFILE to path where the 'random state' file can be written (of course check the file access permissions), eg. in your command prompt:

set RANDFILE=C:\MyDir\.rnd
openssl genrsa -out my-prvkey.pem 1024

More explanations: OpenSSL on Windows tries to save the 'random state' file in the following order:

  1. Path taken from RANDFILE environment variable
  2. If HOME environment variable is set then : ${HOME}\.rnd
  3. C:\.rnd

I'm pretty sure that in your case it ends up trying to save it in C:\.rnd (and it fails because lack of sufficient access rights). Unfortunately OpenSSL does not print the path that is actually tries to use in any error messages.

sirgeorge
  • 6,331
  • 1
  • 28
  • 33
  • 6
    Sorry it was closed, mate... this is a great question and google brings it up first. – fool4jesus Sep 29 '13 at 22:17
  • 1
    This also works great without having to run as admin. (Though just setting `HOME` was sufficient.) – Synetech May 26 '14 at 20:38
  • 4
    If you're using PowerShell you'll want to use `$env:RANDFILE = 'C:\MyDir\.rnd'` (In PowerShell `set` is an alias for `Set-Variable` which has nothing to do with environment variables!) – Jeff Camera Apr 04 '16 at 17:17
37

It may also be that you need to run the console as an administrator. On windows 7, hold ctrl+shift when you launch the console window.

Dave Clemmer
  • 3,741
  • 12
  • 49
  • 72
alile
  • 387
  • 3
  • 3
  • I feel this probably should have been a country unless you know this is a fix, but you prose suggests otherwise – Mike Dec 11 '12 at 01:08
  • 3
    you can also gain admin access to cmd by hitting Start, type cmd, right click cmd.exe, and run-as-administrator. :) – Tyler Rafferty Dec 03 '13 at 06:36
33

just enter this line in the command line :

set RANDFILE=.rnd
Tunaki
  • 132,869
  • 46
  • 340
  • 423
eliprodigy
  • 600
  • 6
  • 8
  • I have install openssl on windows 10, I have run above command on command prompt. openssl still gives the same error as, OpenSSL> genrsa -out key.pem Loading 'screen' into random state - done Generating RSA private key, 512 bit long modulus .....................................................++++++++++++ .......++++++++++++ unable to write 'random state' e is 65537 (0x10001) – Rohit Borude Sep 16 '20 at 04:58
7

Or this in windows powershell

$env:RANDFILE=".rnd"
konzo
  • 1,973
  • 22
  • 32
4

I did not find where the .rnd file is so I ran the cmd as administrator and it worked like a charm.

Doan Vu
  • 494
  • 7
  • 12
0
Rohit Borude
  • 218
  • 1
  • 3
  • 10