When the openwsman service is about to start, the init script check for SSL certificate, key files and creates them if they don’t exist.

 

While creating the SSL certificate, the openssl command reads /etc/openwsman/ssleay.cnf file which has the definition for RANDFIE as ENV::$HOME/.rnd. When the openwsmand service is started in Fedora using the “service openwsmand start” command, the $HOME variable is not exported to the init script.

 

So, the openssl command fails to create the key and openwsmand service doesn’t start up. Would it be a good idea to eliminate the RANDFILE variable altogether?

 

If not, is  hardcoding the RANDFILE to “/root/.rnd” instead of “ENV::$HOME/.rnd” a good idea? Since root in the one who is going to start the service in most cases, I don’t see a problem with this. But, what ensures that the /root/.rnd file exists to start with?

 

 

Praveen