Postfix - No entropy for TLS key generation?

Have you installed a new server and gotten the message below? Sometimes you see this issue along with using OpenSSL to create new keys on a particular machine. Although you may think it could related to libraries, it is really a Postfix configuration issue. See below for the fix.


POSTFIX ERROR: warning: no entropy for TLS key generation: disabling TLS support

This error can be resolved by editing the 'master.cf' file in /etc/postfix, uncomment the tlsmgr line. This is needed for TLS.


qmgr      fifo  n       -       n       300     1       qmgr
#qmgr     fifo  n       -       n       300     1       oqmgr
tlsmgr    unix  -       -       n       1000?   1       tlsmgr

Don't forget to chmod 600 the stmpd.key, edit and postmap your 'sasl_paswd', 'transport' and 'main.cf' files with the correct settings. Restart postfix and test. You should be all set!


Peace be unto you. Thank you for visiting!