=item B<RANDFILE>
At startup the specified file is loaded into the random number generator,
-and at exit 256 bytes will be written to it.
+and at exit 256 bytes will be written to it. (Note: Using a RANDFILE is
+not necessary anymore, see the L</HISTORY> section.
=item B<default_days>
serial = $dir/serial # serial no file
#rand_serial = yes # for random serial#'s
private_key = $dir/private/cakey.pem# CA private key
- RANDFILE = $dir/private/.rand # random number file
default_days = 365 # how long to certify for
default_crl_days= 30 # how long before next CRL
./demoCA/index.txt - CA text database file
./demoCA/index.txt.old - CA text database backup file
./demoCA/certs - certificate output file
- ./demoCA/.rnd - CA random seed information
=head1 RESTRICTIONS
earlier than year 2049 (included), and as GeneralizedTime if the dates
are in year 2050 or later.
+OpenSSL 1.1.1 introduced a new random generator (CSPRNG) with an improved
+seeding mechanism. The new seeding mechanism makes it unnecessary to
+define a RANDFILE for saving and restoring randomness. This option is
+retained mainly for compatibility reasons.
+
=head1 SEE ALSO
L<openssl(1)>,