SSL

Configuring SSL in Scrutinizer

Enabling and disabling SSL support in Scrutinizer is done within the Interactive scrut_util.exe shell. It only works with the local Apache Server bundled with Scrutinizer.

To open the Interactive scrut_util.exe, use the following command:

/home/plixer/scrutinizer/bin/scrut_util.exe

The Scrutinizer prompt will then display:

SCRUTINIZER>

Enabling SSL

To enable SSL, at the Scrutinizer prompt, enter:

SCRUTINIZER> set ssl on

Warning

This command will alter Scrutinizer’s operations. Please use with caution. Scrutinizer will then issue the following prompt for these mandatory fields:

Enter the secure tcp port to be used. ex: 443

Enter the two-letter abbreviation for the desired country. ex: US

Enter the state/province of the organization. ex: Maine

Enter the city of the organization. ex: Kennebunk

Enter the name of the organization. ex: Plixer

Enter the contact email address. ex: name@company.com

Enter the server name or IP of the Scrutinizer server.

ex: 1.2.3.4 or scrutinizer.company.com

Enter the key encryption size. [2048|4096] ex: 2048

Name Field Explanation
Country Name

The two-letter ISO abbreviation for the desired country

example: US = United States

State / Province

The state/province where the organization is located. Can not be abbreviated.

example: Maine

City / Locality

The city where the organization is located.

example: Kennebunk

Organization

The exact legal name of the organization. Do not abbreviate.

example: Plixer

Email Address

The email address for the CA (who to contact)

example: someone@your.domain

Common Name

URL to attach to the certificate

example: 10.1.1.10 or scrutinizer.company.com

Key Size

2048, 4096

example: 2048

Creating a signed certificate

  1. Enable SSL by running ssl on as described above.

  2. Send the /etc/pki/tls/private/ca.csr file to the Certificate Authority (CA) and ask them to sign it and return it as base 64 encoded and not DER encoded.

  3. When the signed SSL cert is received, stop the apache service within Interactive scrut_util:

    SCRUTINIZER> services httpd stop

  1. Replace the active SSL Cert with the new one and rename the file to /etc/pki/tls/certs/ca.crt

  2. Then start the apache service.

    SCRUTINIZER> services httpd start

Disabling SSL

To disable SSL, at the Scrutinizer prompt, enter:

SCRUTINIZER> set ssl off