
Notice: this page is a Chinese-English parallel translation of a popular StackOverflow question, provided under the CC BY-SA 4.0 license. You are free to use/share it, but you must follow the same CC BY-SA license, cite the original URL and author information, and attribute it to the original authors (not me): StackOverflow. Original URL: http://stackoverflow.com/questions/28201794/

Time: 2020-08-11 05:46:35  Source: igfitidea

Slow startup on Tomcat 7.0.57 because of SecureRandom

java tomcat7

Asked by Jose Monreal Bailey

I'm using Tomcat 7.0.57 on CentOS 6.6 32 bit and openJDK7. When I start 14 different instances of Tomcat on my server (production environment), many of them take too much time to start.

This is part of the startup log, which tells me where all the time is being taken:

Jan 28, 2015 2:49:41 PM org.apache.catalina.util.SessionIdGenerator createSecureRandom
INFO: Creation of SecureRandom instance for session ID generation using [SHA1PRNG] took [199,620] milliseconds.

What's the best practice/solution for this problem?


Thanks!


Accepted answer by henry

The secure random calls may be blocking as there is not enough entropy to feed them in /dev/random.


If you have the line


securerandom.source=file:/dev/random

in /jre/lib/security/java.security, changing this to urandom may improve things (although this is probably already the default).


Alternatively, there are some suggestions on how to feed the pool here:

https://security.stackexchange.com/questions/89/feeding-dev-random-entropy-pool

Answer by u5467720

I changed /jre/lib/security/java.security, below: securerandom.source=file:/dev/./urandom


Answer by KCD

Here are some specific instructions to adjust just tomcat as per Henry's answer


create /etc/tomcat/fastersecurerandom.properties


securerandom.source=file:/dev/urandom

edit JAVA_OPTS inside /etc/tomcat/tomcat.conf

JAVA_OPTS="-Djava.security.properties=/etc/tomcat/fastersecurerandom.properties"

FYI I found I could not set multiple JAVA_OPTS with JAVA_OPTS="$JAVA_OPTS ..." despite the commented out examples. Poor old confused tomcat 7 wouldn't start as per a warning in /var/log/messages

On different versions/flavours you may find variations on where is best to set the environment variables for tomcat. The best way to debug if they are taking effect is to check the command running like this:

$ ps aux | grep java
tomcat    4821  4.7 13.9 2626888 263396 ?      Ssl  22:31   0:23 /usr/lib/jvm/jre/bin/java -DJENKINS_HOME=/opt/jenkins/ -Xmx512m -Djava.net.preferIPv4Stack=true -Djava.net.preferIPv4Addresses=true -Djava.security.properties=/etc/tomcat/fastersecurerandom.properties -classpath /usr/share/tomcat/bin/bootstrap.jar:/usr/share/tomcat/bin/tomcat-juli.jar:/usr/share/java/commons-daemon.jar -Dcatalina.base=/usr/share/tomcat -Dcatalina.home=/usr/share/tomcat -Djava.endorsed.dirs= -Djava.io.tmpdir=/var/cache/tomcat/temp -Djava.util.logging.config.file=/usr/share/tomcat/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager org.apache.catalina.startup.Bootstrap start

Answer by so-random-dude

I faced the same issue of tomcat being too slow to start. I followed this article on DigitalOcean and installed haveged instead of using urandom.

haveged is a solution which will not compromise on security.


haveged allows generating randomness based on variations in code execution time on a processor. Since it's nearly impossible for one piece of code to take the same exact time to execute, even in the same environment on the same hardware, the timing of running a single or multiple programs should be suitable to seed a random source. The haveged implementation seeds your system's random source (usually /dev/random) using differences in your processor's time stamp counter (TSC) after executing a loop repeatedly


How to install haveged


Follow the steps in this article. https://www.digitalocean.com/community/tutorials/how-to-setup-additional-entropy-for-cloud-servers-using-haveged


I have posted it here


Answer by nby

@KCD's answer above almost worked for me, I needed to massage it a bit - as follows:

1) my tomcat was tomcat7, so I created my fastersecurerandom.properties file in the /etc/tomcat7 directory,

2) As per another page, I had to change contents of fastersecurerandom.properties from

securerandom.source=file:/dev/urandom


to

securerandom.source=file:/dev/./urandom


3) I didn't have a tomcat.conf file, so I added to my /etc/init.d/tomcat7 (tomcat's startup script - I know), just before the line - catalina_sh() {

JAVA_OPTS="$JAVA_OPTS -Djava.security.properties=/etc/tomcat7/fastersecurerandom.properties"


Note I added 7 to tomcat here too.

It was worthwhile doing a ps -deaf | grep tomcat to first confirm that the new -D setting was getting through to the command, and also to check that it was referring to the correct file, and that the file was there. This is when I noticed the missing 7.

I was on Java 1.7, and on Ubuntu 14.04.1.


Answer by Thorsten Schöning

Instead of changing the file java.security directly, at least with Java 8 it is documented to support the following system property already:

-Djava.security.egd=file:/dev/random

In the context of Tomcat, that can be used to create a file bin/setenv.sh containing the following line:

CATALINA_OPTS=-Djava.security.egd=file:///dev/urandom
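
The check that KCD's and nby's answers describe (confirm that the -D setting reaches the running command and that the file it names exists), extended to report which seed source the command line selects, as an added example that is not part of the original answers. The function names, the sample command line and the sample properties file are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original answers). Sample inputs are constructed.

# jvm_opt CMDLINE NAME: print the value of the last -DNAME=value token.
jvm_opt() {
    printf '%s\n' "$1" | tr ' ' '\n' |
        awk -v p="-D$2=" 'index($0, p) == 1 { v = substr($0, length(p) + 1) }
                          END { print v }'
}

# prop_value FILE KEY: print the value of the last uncommented KEY=value line.
# Only the plain KEY=value form used on this page is recognised.
prop_value() {
    awk -v k="$2=" '/^[ \t]*[#!]/ { next }
        { sub(/^[ \t]+/, "") }
        index($0, k) == 1 { v = substr($0, length(k) + 1) }
        END { print v }' "$1"
}

# seed_source CMDLINE: print "<origin> <value>" for the configured seed source.
# The java.security.egd system property is consulted before securerandom.source.
seed_source() {
    egd=$(jvm_opt "$1" java.security.egd)
    if [ -n "$egd" ]; then echo "egd $egd"; return 0; fi
    file=$(jvm_opt "$1" java.security.properties)
    file=${file#=}    # "-Djava.security.properties==FILE" replaces the master file
    if [ -z "$file" ]; then echo "default -"; return 0; fi
    if [ ! -r "$file" ]; then echo "missing-file $file"; return 0; fi
    src=$(prop_value "$file" securerandom.source)
    if [ -z "$src" ]; then echo "unset-in-file $file"; else echo "properties $src"; fi
}

# may_block VALUE: true when VALUE names /dev/random, the device the accepted
# answer identifies as the one that can block.
may_block() {
    case "$1" in
        file:/dev/random|file:///dev/random) return 0 ;;
        *) return 1 ;;
    esac
}

# Constructed demo: a properties file plus a shortened "ps" command line.
demo_file=$(mktemp)
printf '# constructed sample\nsecurerandom.source=file:/dev/./urandom\n' > "$demo_file"
demo_cmd="/usr/lib/jvm/jre/bin/java -Xmx512m -Djava.security.properties=$demo_file org.apache.catalina.startup.Bootstrap start"
seed_source "$demo_cmd"
rm -f "$demo_file"
```

Against a live instance, pass the full command line from the ps output to seed_source; a result of "missing-file" is the situation nby hit with the missing 7 in the path.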