Starting vTPM manufacturing as swtpm:swtpm @ Thu 07 Apr 2022 08:14:26 AM UTC
Successfully created RSA 2048 EK with handle 0x81010001.
Invoking /usr/lib/x86_64-linux-gnu/swtpm/swtpm-localca --type ek --ek ab6f56f67e86f80c401e130c0650461fe635896717fac00f49ab113f191fdcc5bafa84e8a3960be40dbbb769a43fb4b25bb532c1404bfe601bd03da20ee9e62e494216dc86cbf76cd42eb4255e0e5d129ae5c9b0790aea2733d44d188c7d4706ea6584dceaa476071cc9a8937bb5dbf006b1ff38a591470f13f00e26d67c34b11f2b82767292c8e872c48a1151a1f4b94382c6d6b199f9af0cecb0fc59fd22982b08fae6b682a6dd0fa5dac7bd3154634aa7b7015f8082d3833c7e2c2a089d3f905d733fde4983d50c76493b39dfc854f69844d3f52848036e9c36cdb96067cb99bf4a49e1f734b8bad50524a090b3723006d4b5a9ba9552390f27edb8a411f9 --dir /var/lib/libvirt/swtpm/8908c397-e4dc-4e8c-a758-2436264111cc/tpm2 --logfile /var/log/swtpm/libvirt/qemu/t1-swtpm.log --vmid t1:8908c397-e4dc-4e8c-a758-2436264111cc --tpm-spec-family 2.0 --tpm-spec-level 0 --tpm-spec-revision 164 --tpm-manufacturer id:00001014 --tpm-model swtpm --tpm-version id:20191023 --tpm2 --configfile /etc/swtpm-localca.conf --optsfile /etc/swtpm-localca.options
Creating root CA and a local CA's signing key and issuer cert.
Could not create root-CA:Can't load ./.rnd into RNG
4037B2BDC77F0000:error:12000079:random number generator:RAND_load_file:Cannot open file:../crypto/rand/randfile.c:106:Filename=./.rnd
Cannot write random bytes:
4037B2BDC77F0000:error:12000079:random number generator:RAND_write_file:Cannot open file:../crypto/rand/randfile.c:240:Filename=./.rnd
As invoked by the virt-stack we see:
Starting vTPM manufacturing as swtpm:swtpm @ Thu 07 Apr 2022 08:14:26 AM UTC x86_64- linux-gnu/ swtpm/swtpm- localca --type ek --ek ab6f56f67e86f80 c401e130c065046 1fe635896717fac 00f49ab113f191f dcc5bafa84e8a39 60be40dbbb769a4 3fb4b25bb532c14 04bfe601bd03da2 0ee9e62e494216d c86cbf76cd42eb4 255e0e5d129ae5c 9b0790aea2733d4 4d188c7d4706ea6 584dceaa476071c c9a8937bb5dbf00 6b1ff38a591470f 13f00e26d67c34b 11f2b82767292c8 e872c48a1151a1f 4b94382c6d6b199 f9af0cecb0fc59f d22982b08fae6b6 82a6dd0fa5dac7b d3154634aa7b701 5f8082d3833c7e2 c2a089d3f905d73 3fde4983d50c764 93b39dfc854f698 44d3f52848036e9 c36cdb96067cb99 bf4a49e1f734b8b ad50524a090b372 3006d4b5a9ba955 2390f27edb8a411 f9 --dir /var/lib/ libvirt/ swtpm/8908c397- e4dc-4e8c- a758-2436264111 cc/tpm2 --logfile /var/log/ swtpm/libvirt/ qemu/t1- swtpm.log --vmid t1:8908c397- e4dc-4e8c- a758-2436264111 cc --tpm-spec-family 2.0 --tpm-spec-level 0 --tpm-spec-revision 164 --tpm-manufacturer id:00001014 --tpm-model swtpm --tpm-version id:20191023 --tpm2 --configfile /etc/swtpm- localca. conf --optsfile /etc/swtpm- localca. options 0:error: 12000079: random number generator: RAND_load_ file:Cannot open file:.. /crypto/ rand/randfile. c:106:Filename= ./.rnd 0:error: 12000079: random number generator: RAND_write_ file:Cannot open file:.. /crypto/ rand/randfile. c:240:Filename= ./.rnd
Successfully created RSA 2048 EK with handle 0x81010001.
Invoking /usr/lib/
Creating root CA and a local CA's signing key and issuer cert.
Could not create root-CA:Can't load ./.rnd into RNG
4037B2BDC77F000
Cannot write random bytes:
4037B2BDC77F000
Running the same to a test path works fine
$ /usr/lib/ x86_64- linux-gnu/ swtpm/swtpm- localca --type ek --ek ab6f56f67e86f80 c401e130c065046 1fe635896717fac 00f49ab113f191f dcc5bafa84e8a39 60be40dbbb769a4 3fb4b25bb532c14 04bfe601bd03da2 0ee9e62e494216d c86cbf76cd42eb4 255e0e5d129ae5c 9b0790aea2733d4 4d188c7d4706ea6 584dceaa476071c c9a8937bb5dbf00 6b1ff38a591470f 13f00e26d67c34b 11f2b82767292c8 e872c48a1151a1f 4b94382c6d6b199 f9af0cecb0fc59f d22982b08fae6b6 82a6dd0fa5dac7b d3154634aa7b701 5f8082d3833c7e2 c2a089d3f905d73 3fde4983d50c764 93b39dfc854f698 44d3f52848036e9 c36cdb96067cb99 bf4a49e1f734b8b ad50524a090b372 3006d4b5a9ba955 2390f27edb8a411 f9 --dir /tmp/test/tpm2 --logfile /tmp/test/swtpm.log --vmid t1:8908c397- e4dc-4e8c- a758-2436264111 cc --tpm-spec-family 2.0 --tpm-spec-level 0 --tpm-spec-revision 164 --tpm-manufacturer id:00001014 --tpm-model swtpm --tpm-version id:20191023 --tpm2 --configfile /etc/swtpm- localca. conf --optsfile /etc/swtpm- localca. options
$ echo $?
0