Using Cristie Protect in Encrypted Mode

Follow the steps below to use Cristie Protect in Encrypted Mode (i.e https).

You can import SSL Certificates from the GUI via the tools menu by selecting the “SSL Certificates”

You will then be able to import the relevant .crt and .key files

Importing via SSH

1. Login to the server using WinSCP with the username ‘root’ and the password from the previous step

2. Copy the files as follows:
a. The certificate file to: /etc/pki/tls/certs/localhost.crt
b. The key file to: /etc/pki/tls/private//localhost.key
c. The intermediate bundle to: /etc/pki/tls/certs/ca-bundle.crt

The certificates must be in pem form. Instructions to convert to this form should be available from your certificate provider.


If your key file is passphrase protected, you will either need to remove the passphrase from the key or code the passphrase into Apache.

To remove the passphrase, use the openssl command as follows:
/path/to/openssl rsa -in /path/to/originalkeywithpass.key -out /path/to/newkeywithnopass.key

To edit the Apache configuration to include the passphrase, you will need to write a compatible script to be used in conjunction with the SSLPassPhraseDialog configuration parameter, and insert it into the Apache configuration file (/etc/httpd/conf.d/ssl.conf) as directed by the Apache documentation.