The Management and Security Server installer, server, and configuration utilities may hang on UNIX or Linux systems, particularly headless ones. The hang or stall is caused by an insufficient amount of entropy in the system, typically due to a lack of interaction with the operating system’s UI (or lack of UI).
In Management and Security Server 12.4 Update 2 (and higher), the Entropy Gathering Device (EGD) for Unix/Linux was explicitly set to /dev/urandom which is a non-blocking EGD. Although the use of /dev/urandom may be controversial, it was decided that using a non-blocking EGD would provide a more favorable user experience.
If use of /dev/urandom is not acceptable or permitted in your environment, you can explicitly change the EGD. A property must be set for each Management and Security Server application, listed in the table.
To specify the EGD, pass the Java System argument named "java.security.egd" with a value for the desired EGD, such as /dev/random. For example: -Djava.security.egd=file:///dev/random
Table 12-1 Example: changing the EGD to /dev/random
|
Application |
How to set the EGD |
|---|---|
|
Installer |
On the installer's command line, prepend -J to the Java System property: mss-12.4.4.<nnn>-prod-linuxx64.sh -J-Djava.security.egd=file:///dev/random |
|
MSS Server |
In container.conf, modify the service wrapper's additional JVM property: wrapper.java.additional.8=-Djava.security.egd=file:///dev/random Or, comment out this property to use the system's default value. |
|
Initial Configuration Utility Configuration Upgrade Utility HTTPS Certificate Utility |
For each utility, add the property and desired value to the *.VMOPTIONS file: -Djava.security.egd=file:///dev/random |
|
Keychain Utility Security Proxy |
In each *.VMOPTIONS file, modify the existing property: -Djava.security.egd=file:///dev/random Or, comment out this property to use the system's default value. |