diff --git a/builtin/logical/transit/policy.go b/builtin/logical/transit/policy.go
index ee313a19a4..b619c61921 100644
--- a/builtin/logical/transit/policy.go
+++ b/builtin/logical/transit/policy.go
@@ -4,7 +4,6 @@ import (
 	"bytes"
 	"crypto/aes"
 	"crypto/cipher"
-	"crypto/rand"
 	"crypto/sha256"
 	"encoding/base64"
 	"encoding/json"
@@ -529,8 +528,7 @@ func (p *policy) rotate(storage logical.Storage) error {
 	}
 
 	// Generate a 256bit key
-	newKey := make([]byte, 32)
-	_, err := rand.Read(newKey)
+	newKey, err := uuid.GenerateRandomBytes(32)
 	if err != nil {
 		return err
 	}
@@ -549,8 +547,6 @@ func (p *policy) rotate(storage logical.Storage) error {
 		p.MinDecryptionVersion = 1
 	}
 
-	//fmt.Printf("policy %s rotated to %d\n", p.Name, p.LatestVersion)
-
 	return p.Persist(storage)
 }