Configuring SSL in Scrutinizer¶
Enabling and disabling SSL support in Scrutinizer is done within the Interactive scrut_util.exe shell. It only works with the local Apache Server bundled with Scrutinizer.
To open the Interactive scrut_util.exe, use the following command:
The Scrutinizer prompt will then display:
To enable SSL, at the Scrutinizer prompt, enter:
SCRUTINIZER> set ssl on
This command will alter Scrutinizer’s operations. Please use with caution. Scrutinizer will then issue the following prompt for these mandatory fields:
Enter the secure tcp port to be used. ex: 443
Enter the two-letter abbreviation for the desired country. ex: US
Enter the state/province of the organization. ex: Maine
Enter the city of the organization. ex: Kennebunk
Enter the name of the organization. ex: Plixer
Enter the contact email address. ex: firstname.lastname@example.org
Enter the server name or IP of the Scrutinizer server.
ex: 126.96.36.199 or scrutinizer.company.com
Enter the key encryption size. [2048|4096] ex: 2048
The two-letter ISO abbreviation for the desired country
example: US = United States
|State / Province||
The state/province where the organization is located. Can not be abbreviated.
|City / Locality||
The city where the organization is located.
The exact legal name of the organization. Do not abbreviate.
The email address for the CA (who to contact)
URL to attach to the certificate
example: 10.1.1.10 or scrutinizer.company.com
Creating a signed certificate¶
Enable SSL by running ssl on as described above.
Send the /etc/pki/tls/private/ca.csr file to the Certificate Authority (CA) and ask them to sign it and return it as base 64 encoded and not DER encoded.
When the signed SSL cert is received, stop the apache service within Interactive scrut_util:
SCRUTINIZER> services httpd stop
Replace the active SSL Cert with the new one and rename the file to /etc/pki/tls/certs/ca.crt
Then start the apache service.
SCRUTINIZER> services httpd start
To disable SSL, at the Scrutinizer prompt, enter:
SCRUTINIZER> set ssl off