Comment 8 for bug 1945774

This is not a bug in ssl-cert. It's a bug in libapache2-mod-auth-mellon, more specifically in the way it configures openssl to generate its certificate. From /usr/sbin/mellon_create_metadata:

cat >"$TEMPLATEFILE" <<EOF
RANDFILE = /dev/urandom
[req]
default_bits = 3072
default_keyfile = privkey.pem
distinguished_name = req_distinguished_name
prompt = no
policy = policy_anything
[req_distinguished_name]
commonName = $HOST
EOF

The fix is simple: just remove the RANDFILE entry from the snippet above. This looks like SRU material, so I'm adding a task for the package and setting its status accordingly.