diff --git a/src/port/pg_strong_random.c b/src/port/pg_strong_random.c
index c6ee5ea1d46ee84078b6476a6d15efc72a3918c3..739e287e71dc05addfa3b5dacd30d4161e12812e 100644
--- a/src/port/pg_strong_random.c
+++ b/src/port/pg_strong_random.c
@@ -103,6 +103,35 @@ pg_strong_random(void *buf, size_t len)
 	 * When built with OpenSSL, use OpenSSL's RAND_bytes function.
 	 */
 #if defined(USE_OPENSSL_RANDOM)
+	int			i;
+
+	/*
+	 * Check that OpenSSL's CSPRNG has been sufficiently seeded, and if not
+	 * add more seed data using RAND_poll().  With some older versions of
+	 * OpenSSL, it may be necessary to call RAND_poll() a number of times.
+	 */
+#define NUM_RAND_POLL_RETRIES 8
+
+	for (i = 0; i < NUM_RAND_POLL_RETRIES; i++)
+	{
+		if (RAND_status() == 1)
+		{
+			/* The CSPRNG is sufficiently seeded */
+			break;
+		}
+
+		if (RAND_poll() == 0)
+		{
+			/*
+			 * RAND_poll() failed to generate any seed data, which means that
+			 * RAND_bytes() will probably fail.  For now, just fall through
+			 * and let that happen.  XXX: maybe we could seed it some other
+			 * way.
+			 */
+			break;
+		}
+	}
+
 	if (RAND_bytes(buf, len) == 1)
 		return true;
 	return false;