Without this option Wget looks for CA certificates at the
system-specified locations, chosen at OpenSSL installation time.
+@cindex entropy, specifying source of
+@cindex randomness, specifying source of
+@item --random-file=@var{file}
+Use @var{file} as the source of random data for seeding the
+pseudo-random number generator on systems without @file{/dev/random}.
+
+On such systems the SSL library needs an external source of randomness
+to initialize. Randomness may be provided by EGD (see
+@samp{--egd-file} below) or read from an external source specified by
+the user. If this option is not specified, Wget looks for random data
+in @code{$RANDFILE} or, if that is unset, in @file{$HOME/.rnd}. If
+none of those are available, it is likely that SSL encryption will not
+be usable.
+
+If you're getting the ``Could not seed OpenSSL PRNG; disabling SSL.''
+error, you should provide random data using some of the methods
+described above.
+
@cindex EGD
@item --egd-file=@var{file}
Use @var{file} as the EGD socket. EGD stands for @dfn{Entropy
to 5 megabytes. Note that the user's startup file overrides system
settings.
+@item random_file = @var{file}
+Use @var{file} as a source of randomness on systems lacking
+@file{/dev/random}.
+
@item read_timeout = @var{n}
Set the read (and write) timeout---the same as
@samp{--read-timeout=@var{n}}.