KB442357: Linux Entropy and SSL connections issue


Edgar Garcia Rosas

Senior Technical Account Manager I • MicroStrategy


SUMMARY
Entropy is often overlooked, misconfigured or simply forgotten, and a shortage of it produces sporadic errors (timeouts, refused connections and the like) that can, for example, affect the SSL communication used by Strategy products. Such errors are hard to debug because they occur only while the kernel's entropy estimate is low, and the condition clears itself as soon as the pool is replenished.
Note:
This article is meant to provide some helpful hints about entropy. It is not meant to be exhaustive or definitive. There are hundreds of information sources on the Internet.
Many processes generate certificates, keys, session IDs and similar secrets, so they need a source of randomness that keeps those assets from being predictable. On Red Hat and other Linux distributions the kernel exposes two special device files for this purpose (and, on RHEL 7.4 and later, the getrandom() system call):


/dev/random
/dev/urandom

Focusing on SSL: OpenSSL does not pull every random byte straight from the kernel. It seeds its own CSPRNG from the kernel and draws RSA primes, session keys, IVs and nonces from that generator. Entropy itself is a measure of unpredictability, not a stock of stored random bits; the kernel's "entropy estimate" is its accounting of how much unpredictability has been mixed into the pool and not yet paid out. The higher the estimate, the more confidence there is that output derived from the pool cannot be predicted.
By default OpenSSL seeds from /dev/urandom, which never blocks: its output always comes from a CSPRNG keyed from the pool, whether the estimate is high or low. On the kernels shipped with RHEL 7 (and mainline kernels before 5.6), reading /dev/urandom nevertheless debits the entropy estimate, so a heavy consumer of /dev/urandom can drive the estimate down to the point where anything that reads /dev/random (or calls getrandom() with GRND_RANDOM) stalls until new events arrive. The quality concern for /dev/urandom is a different one: it is only unsafe shortly after boot, before the pool has been seeded for the first time. Keeping the pool replenished therefore matters chiefly for the blocking readers, which are the ones behind the hung connections described in this article.
On the kernels current when this article was written (RHEL 7 ships 3.10), /dev/urandom output is derived from the pool through a SHA-1 based construction; kernel 4.8 and later replaced it with a ChaCha20-based CSPRNG. In either case the output of a properly seeded generator does not become weaker as the estimate drops; the estimate only governs when the blocking interface waits.
See also: 3.4. Using the Random Number Generator (Red Hat documentation)
/proc/sys/kernel/random/poolsize reports the size of the input pool, 4096 bits on these kernels, and /proc/sys/kernel/random/entropy_avail reports the current estimate. A reading near 4096 means the kernel believes the pool is full of fresh unpredictability; as random data is handed out, the estimate is debited. /dev/random blocks whenever the estimate falls below the read wakeup threshold (64 bits by default, tunable through /proc/sys/kernel/random/read_wakeup_threshold) and resumes only when new events raise it again. Since Linux 5.6, /dev/random blocks only until the pool has been initialised once at boot and afterwards behaves like /dev/urandom, so the symptoms below are specific to older kernels.

Linux Entropy Lifecycle (diagram)

Source: BlackHat 2015
Essential points:
-Entropy is the uncertainty of an outcome. 
-Randomness is about the quality of that uncertainty from a historical perspective.
-Full entropy is 100% random. 
-Entropy has a quantity. 
-Randomness has a quality.
SYMPTOM
Errors like the following can be seen in the DSSErrors.log file:


[Database Classes][Error] Connect failed. Unable to connect. Error communicating with connection process. Child Process hung: Command ConnectionConnectWithNewParameters. It may be stressed.

Error type: System call error. Error communicating with connection process. Child Process hung: Command ConnectionConnectWithNewParameters. The target data source hasn't responded to the Connect request after 300 seconds. It may be stressed. Connection String: DSN=DSN_NAME;UID=mstradmin;. SQL Statement: Connect.

[MultiProcess][Error] Cannot execute command because there was an error on a previous command
2018-09-26 11:05:30.311-05:00 [HOST:vxpip-pmstri02][SERVER:CastorServer][PID:57585][THR:705828608][Metadata Server][Error][0x80041404] Database error <1>: Connect failed. Unable to connect.

CAUSE
At the moment of the connection attempt the kernel's entropy estimate is too low for the demand: a component in the database connection path that needs random bytes blocks on /dev/random waiting for the estimate to rise, and the Connect request is eventually abandoned (after 300 seconds in the log above). Because the estimate recovers on its own, the failure looks intermittent.
The following command, which any user can run (the file is world-readable), shows the current estimate:

cat /proc/sys/kernel/random/entropy_avail

The value is the estimate in bits, out of the pool size reported by /proc/sys/kernel/random/poolsize (4096 on RHEL 7). A single reading is only a snapshot; sample it repeatedly while the connection problem is being reproduced. Readings that stay in the low hundreds mean entropy is being consumed faster than it is collected, and the Operating System vendor's guidance is that values below about 1000 indicate the system needs an additional entropy source. Readers of /dev/random block as soon as the estimate drops below the read wakeup threshold (64 bits by default), so a pool that repeatedly dips to near zero produces exactly the intermittent stalls described above.
ACTION
The Linux system administrator should evaluate these workarounds before applying them and decide whether they are appropriate for the system; all of them trade the blocking guarantee of /dev/random for availability.
The following commands can be run on the Linux Operating System by a user with appropriate privileges. Options A and B satisfy /dev/random readers with data derived from /dev/urandom:
A) Replace /dev/random with a link to /dev/urandom:

ln -sf /dev/urandom /dev/random

Caveat: /dev is a devtmpfs that udev repopulates at boot, so the link does not survive a reboot unless it is recreated by a udev rule or a startup script, and it removes the only interface that refuses to return data before the pool has ever been seeded (a concern on the first boot of a cloned image).
B) Install rng-tools and run the daemon:

rngd -r /dev/urandom

Caveat: this adds no new unpredictability. It feeds the kernel's own CSPRNG output back into the pool so that the estimate stays high and /dev/random readers stop stalling. Where possible, point rngd at a genuine source instead: /dev/hwrng (the rng-tools default, backed by virtio-rng in VMs or a hardware RNG on bare metal), RDRAND on CPUs that have it (rng-tools 5 and later use it directly), or run haveged, which collects entropy from CPU timing jitter.

C) If this is a Cloud environment:
The entropy sources available to a cloud instance depend heavily on the provider (for example, whether it exposes virtio-rng or RDRAND to guests), but there are ways to improve the situation; see:
Entropy in RHEL based cloud instances
D) Check the REFERENCES section for more options and information.
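As an added example (not part of the original KB article and not Strategy's own tooling), the following shell script ties the CAUSE check and the ACTION options together. It samples entropy_avail for a few seconds, reports whether /dev/random readers would currently block (the state that produces the hung connection above), and lists which genuine entropy sources the host offers so an administrator can choose between rngd with a hardware source and haveged rather than recycling /dev/urandom. Assumptions: the 1000-bit watermark is the vendor guidance quoted in CAUSE, 64 bits is the kernel default used when read_wakeup_threshold cannot be read, and RANDOM_SYSFS is an override introduced here so the logic can be exercised against constructed files.

```shell
#!/usr/bin/env bash
# Added example, not from KB442357: entropy health check plus a survey of
# real entropy sources. Targets the standard Linux paths; RANDOM_SYSFS is an
# assumed override so the functions can be run against constructed files.
set -u

RANDOM_SYSFS=${RANDOM_SYSFS:-/proc/sys/kernel/random}
LOW_WATERMARK=${LOW_WATERMARK:-1000}   # advisory level quoted in CAUSE

# read_value FILE DEFAULT: print the integer in $RANDOM_SYSFS/FILE, else DEFAULT.
read_value() {
    cat "$RANDOM_SYSFS/$1" 2>/dev/null || echo "$2"
}

# classify_entropy AVAIL WAKEUP [LOW]
#   BLOCKING: estimate below the read wakeup threshold, /dev/random readers stall
#   LOW:      above the threshold but below the advisory watermark
#   OK:       otherwise
classify_entropy() {
    local avail=$1 wakeup=$2 low=${3:-$LOW_WATERMARK}
    if [ "$avail" -lt "$wakeup" ]; then
        echo BLOCKING
    elif [ "$avail" -lt "$low" ]; then
        echo LOW
    else
        echo OK
    fi
}

# sample_entropy COUNT INTERVAL: take COUNT readings INTERVAL seconds apart and
# print "MIN MAX WORST", where WORST is the most severe status seen.
sample_entropy() {
    local count=$1 interval=$2 wakeup avail status min max worst=OK i=0
    wakeup=$(read_value read_wakeup_threshold 64)
    min=$(read_value entropy_avail 0)
    max=$min
    while [ "$i" -lt "$count" ]; do
        avail=$(read_value entropy_avail 0)
        status=$(classify_entropy "$avail" "$wakeup")
        [ "$avail" -lt "$min" ] && min=$avail
        [ "$avail" -gt "$max" ] && max=$avail
        case "$status:$worst" in
            BLOCKING:*) worst=BLOCKING ;;
            LOW:OK)     worst=LOW ;;
        esac
        i=$((i + 1))
        [ "$i" -lt "$count" ] && sleep "$interval"
    done
    echo "$min $max $worst"
}

# list_entropy_sources: one line per source that adds real unpredictability
# (unlike "rngd -r /dev/urandom", which only inflates the estimate).
list_entropy_sources() {
    local cur=none
    if [ -r /sys/devices/virtual/misc/hw_random/rng_current ]; then
        cur=$(cat /sys/devices/virtual/misc/hw_random/rng_current)
    fi
    if [ "$cur" != none ]; then
        echo "hwrng: $cur exposed as /dev/hwrng (rngd -r /dev/hwrng, the rng-tools default)"
    fi
    if grep -qw rdrand /proc/cpuinfo 2>/dev/null; then
        echo "cpu: RDRAND available (rng-tools 5 and later can use it directly)"
    fi
    if command -v haveged >/dev/null 2>&1; then
        echo "haveged: installed (CPU timing jitter source)"
    fi
    if pgrep -x rngd >/dev/null 2>&1; then
        echo "rngd: already running"
    fi
    return 0
}

main() {
    printf 'poolsize=%s bits  read_wakeup_threshold=%s  watermark=%s\n' \
        "$(read_value poolsize 4096)" "$(read_value read_wakeup_threshold 64)" "$LOW_WATERMARK"
    printf 'entropy_avail over 3 samples (min max worst): %s\n' "$(sample_entropy 3 1)"
    echo 'candidate entropy sources:'
    list_entropy_sources | sed 's/^/  /'
}

main
```

Run it while reproducing the failing connection: a WORST of BLOCKING confirms the stall is the kernel holding /dev/random readers, and the source list tells you whether option B can be pointed at /dev/hwrng or RDRAND instead of /dev/urandom. An empty source list on a VM usually means the hypervisor does not expose virtio-rng, which is the cloud case in option C.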
Third Party Products Disclaimer
WARNING
The third-party products discussed in this technical note are manufactured by vendors independent of Strategy. Strategy makes no warranty, express, implied or otherwise, regarding these products, including their performance or reliability.
REFERENCES
- Ensuring Randomness with Linux's Random Number Generator
- RHEL7: How to get started with random number generator
- How to generate entropy in SLES 11 SP1 and Later
- Windows and Linux Random Number Generation Process: A Comparative Analysis
You can also read:
- This article about Random Numbers and Virtual Machines
- This Red Hat article about RHEL VM: Access to Random Numbers Made Easy
- This Intel article about the differences between RDRAND and RDSEED instructions
- This discussion dealing with Myths about /dev/urandom
- This article about the Best Entropy Generation Software for Linux
- This DigitalOcean tutorial about the haveged daemon
- This Wikipedia article about a comparison of hardware random number generators
- This article from TechRepublic about the use of haveged
- This Red Hat article about the new getrandom system call available in RHEL 7.4
- The RHEL 7.4 Release Notes, which describe the Jitter Entropy Random Number Generator (RNG) that feeds entropy collected from CPU timing differences into the Linux kernel
- This AWS article about Better Random Number Generation for OpenSSL, libc, and Linux Mainline
Article Reference Number: KB442357


Details
Knowledge Article
Published: December 6, 2018
Last Updated: January 3, 2019