I've performed some testing on Trusty's pollen package, and everything looks good! ubuntu@ip-172-30-0-237:~⟫ lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 14.04.4 LTS Release: 14.04 Codename: trusty ubuntu@ip-172-30-0-237:~⟫ dpkg -l pollen Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) ||/ Name Version Architecture Description +++-===========================================================-==================================-==================================-============================================================================================================================ ii pollen 4.21-0ubuntu1~14.04 amd64 Entropy-as-a-Service web server ubuntu@ip-172-30-0-237:~⟫ sudo apt install pollen sudo: unable to resolve host ip-172-30-0-237 Reading package lists... Done Building dependency tree Reading state information... Done The following extra packages will be installed: ent rng-tools The following NEW packages will be installed: ent pollen rng-tools 0 upgraded, 3 newly installed, 0 to remove and 0 not upgraded. Need to get 1,338 kB of archives. After this operation, 7,554 kB of additional disk space will be used. Do you want to continue? [Y/n] y Get:1 http://us-east-1.ec2.archive.ubuntu.com/ubuntu/ trusty/universe ent amd64 1.1debian-3 [13.9 kB] Get:2 http://us-east-1.ec2.archive.ubuntu.com/ubuntu/ trusty-proposed/universe pollen amd64 4.21-0ubuntu1~14.04 [1,302 kB] Get:3 http://us-east-1.ec2.archive.ubuntu.com/ubuntu/ trusty-updates/universe rng-tools amd64 4-0ubuntu2.1 [21.8 kB] Fetched 1,338 kB in 0s (8,036 kB/s) Selecting previously unselected package ent. (Reading database ... 76900 files and directories currently installed.) Preparing to unpack .../ent_1.1debian-3_amd64.deb ... Unpacking ent (1.1debian-3) ... Selecting previously unselected package pollen. Preparing to unpack .../pollen_4.21-0ubuntu1~14.04_amd64.deb ... Unpacking pollen (4.21-0ubuntu1~14.04) ... Selecting previously unselected package rng-tools. Preparing to unpack .../rng-tools_4-0ubuntu2.1_amd64.deb ... Unpacking rng-tools (4-0ubuntu2.1) ... Processing triggers for man-db (2.6.7.1-1ubuntu1) ... Processing triggers for ureadahead (0.100.0-16) ... Setting up ent (1.1debian-3) ... Setting up pollen (4.21-0ubuntu1~14.04) ... Generating a 4096 bit RSA private key ..........................................................++ ..............................................++ writing new private key to '/etc/pollen/key.pem' ----- pollen-restart start/running, process 4124 pollen start/running, process 4170 Setting up rng-tools (4-0ubuntu2.1) ... Trying to create /dev/hwrng device inode... Starting Hardware RNG entropy gatherer daemon: rngd. Processing triggers for ureadahead (0.100.0-16) ... ubuntu@ip-172-30-0-237:~⟫ sudo pollinate -s http://localhost:80 sudo: unable to resolve host ip-172-30-0-237 pollinate: system was previously seeded at [2016-07-29 18:35:31.536507000 +0000] pollinate: To re-seed this system again, use the -r|--reseed option ubuntu@ip-172-30-0-237:~⟫ sudo pollinate -s http://localhost:80 -r sudo: unable to resolve host ip-172-30-0-237 pollinate: system was previously seeded at [2016-07-29 18:35:31.536507000 +0000] pollinate: client sent challenge to [http://localhost:80] pollinate: client verified challenge/response with [http://localhost:80] pollinate: client hashed response from [http://localhost:80] pollinate: client successfully seeded [/dev/urandom] ubuntu@ip-172-30-0-237:~⟫ sudo pollinate -s http://localhost:80 -r sudo: unable to resolve host ip-172-30-0-237 pollinate: system was previously seeded at [2016-07-29 18:41:22.500805583 +0000] pollinate: client sent challenge to [http://localhost:80] pollinate: client verified challenge/response with [http://localhost:80] pollinate: client hashed response from [http://localhost:80] pollinate: client successfully seeded [/dev/urandom] ubuntu@ip-172-30-0-237:~⟫ sudo pollinate -s http://localhost:80 -r sudo: unable to resolve host ip-172-30-0-237 pollinate: system was previously seeded at [2016-07-29 18:41:30.108805583 +0000] pollinate: client sent challenge to [http://localhost:80] pollinate: client verified challenge/response with [http://localhost:80] pollinate: client hashed response from [http://localhost:80] pollinate: client successfully seeded [/dev/urandom] ubuntu@ip-172-30-0-237:~⟫ sudo pollinate -s https://localhost:443 -r sudo: unable to resolve host ip-172-30-0-237 pollinate: system was previously seeded at [2016-07-29 18:41:31.864805583 +0000] pollinate: client sent challenge to [https://localhost:443] Jul 29 18:41:57 ip-172-30-0-237 pollinate: WARNING: Network communication failed [0]\n18:41:57.604418 * Rebuilt URL to: https://localhost:443/ 18:41:57.604501 * Hostname was NOT found in DNS cache % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 018:41:57.608989 * Trying 127.0.0.1... 18:41:57.609614 * Connected to localhost (127.0.0.1) port 443 (#0) 18:41:57.610109 * successfully set certificate verify locations: 18:41:57.610133 * CAfile: /etc/pollinate/entropy.ubuntu.com.pem CApath: /dev/null 18:41:57.614255 * SSLv3, TLS handshake, Client hello (1): 18:41:57.614281 } [data not shown] 18:41:57.614344 * SSLv3, TLS handshake, Server hello (2): 18:41:57.614362 { [data not shown] 18:41:57.614405 * SSLv3, TLS handshake, CERT (11): 18:41:57.614423 { [data not shown] 18:41:57.614578 * SSLv3, TLS alert, Server hello (2): 18:41:57.614601 } [data not shown] 18:41:57.614653 * SSL certificate problem: self signed certificate 18:41:57.614674 * Closing connection 0 curl: (60) SSL certificate problem: self signed certificate More details here: http://curl.haxx.se/docs/sslcerts.html curl performs SSL certificate verification by default, using a "bundle" of Certificate Authority (CA) public keys (CA certs). If the default bundle file isn't adequate, you can specify an alternate file using the --cacert option. If this HTTPS server uses a certificate signed by a CA represented in the bundle, the certificate verification probably failed due to a problem with the certificate (it might be expired, or the name might not match the domain name in the URL). If you'd like to turn off curl's verification of the certificate, use the -k (or --insecure) option. ubuntu@ip-172-30-0-237:~⟫ sudo pollinate -s https://localhost:443 -r --insecure sudo: unable to resolve host ip-172-30-0-237 pollinate: system was previously seeded at [2016-07-29 18:41:31.864805583 +0000] pollinate: client sent challenge to [https://localhost:443] pollinate: client verified challenge/response with [https://localhost:443] pollinate: client hashed response from [https://localhost:443] pollinate: client successfully seeded [/dev/urandom] ubuntu@ip-172-30-0-237:~⟫ tail -f /var/log/syslog | grep pollen Jul 29 18:40:42 ip-172-30-0-237 kernel: [ 318.322041] init: pollen-restart main process (4124) terminated with status 1 Jul 29 18:40:42 ip-172-30-0-237 pollen[4170]: pollen starting at [1469817642774105618] Jul 29 18:40:42 ip-172-30-0-237 kernel: [ 318.598660] type=1400 audit(1469817642.964:15): apparmor="STATUS" operation="profile_load" profile="unconfined" name="/usr/bin/pollen" pid=4178 comm="apparmor_parser" Jul 29 18:41:22 ip-172-30-0-237 pollen[4170]: Server received challenge from [127.0.0.1:58344, pollinate/4.21-0ubuntu1~14.04 curl/7.35.0-1ubuntu2.7 cloud-init/0.7.5-0ubuntu1.19 Ubuntu/14.04 GNU/Linux/3.13.0-93-generic/x86_64 Intel(R)/Xeon(R)/CPU/E5-2676/v3/@/2.40GHz] at [1469817682497520057] with [e3110] available Jul 29 18:41:22 ip-172-30-0-237 pollen[4170]: Server sent response to [127.0.0.1:58344, pollinate/4.21-0ubuntu1~14.04 curl/7.35.0-1ubuntu2.7 cloud-init/0.7.5-0ubuntu1.19 Ubuntu/14.04 GNU/Linux/3.13.0-93-generic/x86_64 Intel(R)/Xeon(R)/CPU/E5-2676/v3/@/2.40GHz] at [1469817682497592495] in [0.000123s] with [e2430] available Jul 29 18:41:30 ip-172-30-0-237 pollen[4170]: Server received challenge from [127.0.0.1:58345, pollinate/4.21-0ubuntu1~14.04 curl/7.35.0-1ubuntu2.7 cloud-init/0.7.5-0ubuntu1.19 Ubuntu/14.04 GNU/Linux/3.13.0-93-generic/x86_64 Intel(R)/Xeon(R)/CPU/E5-2676/v3/@/2.40GHz] at [1469817690105111041] with [e3087] available Jul 29 18:41:30 ip-172-30-0-237 pollen[4170]: Server sent response to [127.0.0.1:58345, pollinate/4.21-0ubuntu1~14.04 curl/7.35.0-1ubuntu2.7 cloud-init/0.7.5-0ubuntu1.19 Ubuntu/14.04 GNU/Linux/3.13.0-93-generic/x86_64 Intel(R)/Xeon(R)/CPU/E5-2676/v3/@/2.40GHz] at [1469817690105175112] in [0.000121s] with [e2423] available Jul 29 18:41:31 ip-172-30-0-237 pollen[4170]: Server received challenge from [127.0.0.1:58346, pollinate/4.21-0ubuntu1~14.04 curl/7.35.0-1ubuntu2.7 cloud-init/0.7.5-0ubuntu1.19 Ubuntu/14.04 GNU/Linux/3.13.0-93-generic/x86_64 Intel(R)/Xeon(R)/CPU/E5-2676/v3/@/2.40GHz] at [1469817691860329191] with [e3081] available Jul 29 18:41:31 ip-172-30-0-237 pollen[4170]: Server sent response to [127.0.0.1:58346, pollinate/4.21-0ubuntu1~14.04 curl/7.35.0-1ubuntu2.7 cloud-init/0.7.5-0ubuntu1.19 Ubuntu/14.04 GNU/Linux/3.13.0-93-generic/x86_64 Intel(R)/Xeon(R)/CPU/E5-2676/v3/@/2.40GHz] at [1469817691860396677] in [0.000136s] with [e2441] available Jul 29 18:42:04 ip-172-30-0-237 pollen[4170]: Server received challenge from [127.0.0.1:33630, pollinate/4.21-0ubuntu1~14.04 curl/7.35.0-1ubuntu2.7 cloud-init/0.7.5-0ubuntu1.19 Ubuntu/14.04 GNU/Linux/3.13.0-93-generic/x86_64 Intel(R)/Xeon(R)/CPU/E5-2676/v3/@/2.40GHz] at [1469817724277826067] with [e3106] available Jul 29 18:42:04 ip-172-30-0-237 pollen[4170]: Server sent response to [127.0.0.1:33630, pollinate/4.21-0ubuntu1~14.04 curl/7.35.0-1ubuntu2.7 cloud-init/0.7.5-0ubuntu1.19 Ubuntu/14.04 GNU/Linux/3.13.0-93-generic/x86_64 Intel(R)/Xeon(R)/CPU/E5-2676/v3/@/2.40GHz] at [1469817724282455502] in [0.004709s] with [e2726] available