How does nginx handle random seed for ssl connections?

Igor Sysoev is at
Tue Aug 5 09:51:06 MSD 2008

On Tue, Aug 05, 2008 at 12:42:45AM +0200, Alexander Piavlo wrote:

>  Is there a apache's SSLRandomSeed alternative in nginx?
> I just want to make nginx use specific device like /dev/urandom or
> /dev/random. All i could see that nginx code uses srandom() a pseudo
> random generator.

There is no SSLRandomSeed like directive, but it can be easily added.

nginx does not use srandom() for OpenSSL, it relies on OpenSSL default
random seeding. On Unix platforms OpenSSL tries "/dev/urandom",
"/dev/random", and "/dev/srandom". Therefore SSLRandomSeed is required only
for platforms that have no /dev/*random.

Igor Sysoev

More information about the nginx mailing list