diff --git a/server/src/com/cloud/consoleproxy/AgentHookBase.java b/server/src/com/cloud/consoleproxy/AgentHookBase.java
index 9dfffd4b98f..9864cae301f 100644
--- a/server/src/com/cloud/consoleproxy/AgentHookBase.java
+++ b/server/src/com/cloud/consoleproxy/AgentHookBase.java
@@ -17,9 +17,11 @@
 
 package com.cloud.consoleproxy;
 
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
 import java.util.Date;
-import java.util.Random;
 
+import org.apache.commons.codec.binary.Base64;
 import org.apache.log4j.Logger;
 
 import com.google.gson.Gson;
@@ -65,7 +67,6 @@ public abstract class AgentHookBase implements AgentHook {
     ConfigurationDao _configDao;
     AgentManager _agentMgr;
     KeystoreManager _ksMgr;
-    final Random _random = new Random(System.currentTimeMillis());
     KeysManager _keysMgr;
 
     public AgentHookBase(VMInstanceDao instanceDao, HostDao hostDao, ConfigurationDao cfgDao, KeystoreManager ksMgr, AgentManager agentMgr, KeysManager keysMgr) {
@@ -187,17 +188,22 @@ public abstract class AgentHookBase implements AgentHook {
     @Override
     public void startAgentHttpHandlerInVM(StartupProxyCommand startupCmd) {
         StartConsoleProxyAgentHttpHandlerCommand cmd = null;
-        String storePassword = String.valueOf(_random.nextLong());
-        byte[] ksBits = _ksMgr.getKeystoreBits(ConsoleProxyManager.CERTIFICATE_NAME, ConsoleProxyManager.CERTIFICATE_NAME, storePassword);
-
-        assert (ksBits != null);
-        if (ksBits == null) {
-            s_logger.error("Could not find and construct a valid SSL certificate");
-        }
-        cmd = new StartConsoleProxyAgentHttpHandlerCommand(ksBits, storePassword);
-        cmd.setEncryptorPassword(getEncryptorPassword());
 
         try {
+            SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
+
+            byte[] randomBytes = new byte[16];
+            random.nextBytes(randomBytes);
+            String storePassword = Base64.encodeBase64String(randomBytes);
+
+            byte[] ksBits = _ksMgr.getKeystoreBits(ConsoleProxyManager.CERTIFICATE_NAME, ConsoleProxyManager.CERTIFICATE_NAME, storePassword);
+
+            assert (ksBits != null);
+            if (ksBits == null) {
+                s_logger.error("Could not find and construct a valid SSL certificate");
+            }
+            cmd = new StartConsoleProxyAgentHttpHandlerCommand(ksBits, storePassword);
+            cmd.setEncryptorPassword(getEncryptorPassword());
 
             HostVO consoleProxyHost = findConsoleProxyHost(startupCmd);
 
@@ -209,6 +215,8 @@ public abstract class AgentHookBase implements AgentHook {
             } else {
                 s_logger.info("Successfully sent out command to start HTTP handling in console proxy agent");
             }
+        }catch (NoSuchAlgorithmException e) {
+            s_logger.error("Unexpected exception in SecureRandom Algorithm selection ", e);
         } catch (AgentUnavailableException e) {
             s_logger.error("Unable to send http handling startup command to the console proxy resource for proxy:" + startupCmd.getProxyVmId(), e);
         } catch (OperationTimedoutException e) {