Problem

When first starting Crowd it takes an extremely long time to start up (up to an hour).

The following appears in the catalina.out

Jul 08, 2015 3:08:22 PM org.apache.catalina.util.SessionIdGenerator createSecureRandom 
INFO: Creation of SecureRandom instance for session ID generation using [SHA1PRNG] took [3,599,693] milliseconds. 
Jul 08, 2015 3:08:22 PM org.apache.catalina.startup.HostConfig deployDescriptor 
INFO: Deployment of configuration descriptor /opt/atlassian/crowd/apache-tomcat/conf/Catalina/localhost/openidserver.xml has finished in 3,613,735 ms

Diagnosis

Environment

• Oracle Java installed in a Unix/Linux environment
• Tomcat 7

Diagnostic steps

• Run the following from the command line
  • head -n 1 /dev/random
• If the command does not return immediately, use the steps below to configure the JVM to use  /dev/urandom instead of /dev/random

Cause

There is a known issue with Java and Tomcat in he library used for random number generation in Sun's JVM which relies on  /dev/random. This random number generator can block the application server process from starting 'because on some operating systems  /dev/random  waits for a certain amount of "noise" to be generated on the host machine before returning a result' (see Avoiding JVM Delays Caused by Random Number Generation).

Workaround

1. Stop Crowd
2. Update java.security file
   1. For Java 8, open the $JAVA_HOME/lib/security/java.security file in a text editor
      1.  Find the line: securerandom.source=file:/dev/random 
      2. Change it to read: securerandom.source=file:/dev/urandom
   2. For Java 11+, open the $JAVA_HOME/conf/security/java.security file in a text editor
      1.  Find the line: securerandom.source=file:/dev/random 
      2. Change it to read: securerandom.source=file:/dev/urandom
3. Save your change and exit the text editor
4. Start Crowd