By default, the Cristie Appliance will use a self signed certificate for the user interface. Most browsers will show a screen similar to this
To import SSL Certificates from the GUI simply select settings → network settings → more options (top right) → Import HTTPS SSL Configuration
You will then be able to import the relevant .crt and .key files
Once complete, your browser should show your connection is secure.
Importing via SSH
1. Login to the server using WinSCP with the username ‘root’ and the password from the previous step
2. Copy the files as follows:
a. The certificate file to: /etc/pki/tls/certs/localhost.crt
b. The key file to: /etc/pki/tls/private//localhost.key
c. The intermediate bundle to: /etc/pki/tls/certs/ca-bundle.crt
The certificates must be in pem form. Instructions to convert to this form should be available from your certificate provider.
Note
If your key file is passphrase protected, you will either need to remove the passphrase from the key or code the passphrase into Apache.
To remove the passphrase, use the openssl command as follows:
/path/to/openssl rsa -in /path/to/originalkeywithpass.key -out /path/to/newkeywithnopass.key
To edit the Apache configuration to include the passphrase, you will need to write a compatible script to be used in conjunction with the SSLPassPhraseDialog configuration parameter, and insert it into the Apache configuration file (/etc/httpd/conf.d/ssl.conf) as directed by the Apache documentation.