diff --git a/lib/isc/crypto.c b/lib/isc/crypto.c
index 7dc870bdd6..b3ab28c4c5 100644
--- a/lib/isc/crypto.c
+++ b/lib/isc/crypto.c
@@ -169,6 +169,8 @@ isc__crypto_initialize(void) {
 
 	/* Protect ourselves against unseeded PRNG */
 	if (RAND_status() != 1) {
+		isc_tlserr2result(ISC_LOGCATEGORY_GENERAL, ISC_LOGMODULE_CRYPTO,
+				  "RAND_status", ISC_R_CRYPTOFAILURE);
 		FATAL_ERROR("OpenSSL pseudorandom number generator "
 			    "cannot be initialized (see the `PRNG not "
 			    "seeded' message in the OpenSSL FAQ)");
@@ -178,7 +180,7 @@ isc__crypto_initialize(void) {
 	if (!isc_fips_mode()) {
 		if (isc_fips_set_mode(1) != ISC_R_SUCCESS) {
 			isc_tlserr2result(ISC_LOGCATEGORY_GENERAL,
-					  ISC_LOGMODULE_OTHER, "FIPS_mode_set",
+					  ISC_LOGMODULE_CRYPTO, "FIPS_mode_set",
 					  ISC_R_CRYPTOFAILURE);
 			exit(EXIT_FAILURE);
 		}
diff --git a/lib/isc/include/isc/log.h b/lib/isc/include/isc/log.h
index f1c1a47576..2919e3ae74 100644
--- a/lib/isc/include/isc/log.h
+++ b/lib/isc/include/isc/log.h
@@ -176,6 +176,7 @@ enum isc_logmodule {
 	ISC_LOGMODULE_FILE,
 	ISC_LOGMODULE_NETMGR,
 	ISC_LOGMODULE_OTHER,
+	ISC_LOGMODULE_CRYPTO,
 	/* dns modules */
 	DNS_LOGMODULE_DB,
 	DNS_LOGMODULE_RBTDB,
diff --git a/lib/isc/log.c b/lib/isc/log.c
index b3b437dbcd..37b64bdcd4 100644
--- a/lib/isc/log.c
+++ b/lib/isc/log.c
@@ -221,6 +221,7 @@ static const char *modules_description[] = {
 	[ISC_LOGMODULE_FILE] = "file",
 	[ISC_LOGMODULE_NETMGR] = "netmgr",
 	[ISC_LOGMODULE_OTHER] = "other",
+	[ISC_LOGMODULE_CRYPTO] = "crypto",
 	/* dns modules */
 	[DNS_LOGMODULE_DB] = "dns/db",
 	[DNS_LOGMODULE_RBTDB] = "dns/rbtdb",
diff --git a/lib/isc/tls.c b/lib/isc/tls.c
index 944425c778..b98c7721ed 100644
--- a/lib/isc/tls.c
+++ b/lib/isc/tls.c
@@ -83,7 +83,7 @@ isc_tlsctx_attach(isc_tlsctx_t *src, isc_tlsctx_t **ptarget) {
  */
 static void
 sslkeylogfile_append(const SSL *ssl ISC_ATTR_UNUSED, const char *line) {
-	isc_log_write(ISC_LOGCATEGORY_SSLKEYLOG, ISC_LOGMODULE_NETMGR,
+	isc_log_write(ISC_LOGCATEGORY_SSLKEYLOG, ISC_LOGMODULE_CRYPTO,
 		      ISC_LOG_INFO, "%s", line);
 }
 
@@ -130,7 +130,7 @@ isc_tlsctx_createclient(isc_tlsctx_t **ctxp) {
 ssl_error:
 	err = ERR_get_error();
 	ERR_error_string_n(err, errbuf, sizeof(errbuf));
-	isc_log_write(ISC_LOGCATEGORY_GENERAL, ISC_LOGMODULE_NETMGR,
+	isc_log_write(ISC_LOGCATEGORY_GENERAL, ISC_LOGMODULE_CRYPTO,
 		      ISC_LOG_ERROR, "Error initializing TLS context: %s",
 		      errbuf);
 
@@ -345,7 +345,7 @@ isc_tlsctx_createserver(const char *keyfile, const char *certfile,
 ssl_error:
 	err = ERR_get_error();
 	ERR_error_string_n(err, errbuf, sizeof(errbuf));
-	isc_log_write(ISC_LOGCATEGORY_GENERAL, ISC_LOGMODULE_NETMGR,
+	isc_log_write(ISC_LOGCATEGORY_GENERAL, ISC_LOGMODULE_CRYPTO,
 		      ISC_LOG_ERROR, "Error initializing TLS context: %s",
 		      errbuf);