jmeter-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Lemuel Typhair" <ltyph...@Works.com>
Subject RE: Is Server Trusted?
Date Thu, 26 Sep 2002 19:35:49 GMT
you need to add the jsse jars to the jmeter lib dir.

jcert.jar
jnet.jar
jsse.jar

thanks.

> -----Original Message-----
> From: Antonio Vaughn [mailto:avaughn@csee.usf.edu]
> Sent: Thursday, September 26, 2002 2:36 PM
> To: jmeter-user@jakarta.apache.org
> Subject: Is Server Trusted?
> 
> 
> Has anyone been able to make HTTPS work in jmeter?
> If so, please tell me how you accomplished this.
> I always receive the "Is Server Trusted?" message after
> it prompts me for my keystore password.
> 
> I have used openssl0.9.6b for Windows to become my own certificate
> authority. I am using jdk1.4.1, unstable Jmeter version 1.7.3 running
> on a Mandrake 8.1 Linux Box, and tomcat 4.0.3.
> 
> My certificate authority is installed on the same Windows XP 
> machine as
> the tomcat server. Jmeter is installed on my lLnux box as 
> well as jdk1.4.1
> for Mandrake linx.
> 
> I have used the following procedure to become my
> own certificate authority.
> 
> ***********************************************
> .1 Generate the CA(Certificate Authority) key
> openssl genrsa -rand -des -out ca.key 1024
> 
> .2 Create a self signed certificate
> openssl req -new -x509 -day 365 -key ca.key -out ca.crt
> 
> .3 Prompted for location information for the ca.crt certificate.
> I enter information for every field. For the name of the certificate I
> use certificate authority.
> 
> .4 Setup the OpenSSL CA tools
> mkdir demoCA
> mkdir demoCA/newcerts
> create a empty demoCA/index.txt file
> copy ca.crt to demoCA directory
> echo 01 > demoCA/serial directory
> 
> Note:
> Now, create the client application's key store and export its 
> public key
> so my own CA can sign it. I enter information for all of the fields,
> using the same organization and organization unit information 
> as for the
> certificate authority. I also use a different name then the 
> certificate
> authority. For the name of the certificate, I use Tomcat Tomcat.
> 
> .5 Create a new key store for the client application. I use keytool on
> my linux box to create the keystore
> keytool -keystore clienttestkeys -genkey -alias client
> 
> .6 Export the client's public key on my linux box
> keytool -keystore clienttestkeys -certreq -alias client -file 
> client.crs
> 
> Note: Now, I save it to a floppy, and then I take it to my Windows XP
> machine where the certificate authority is installed.
> 
> .7 Sign the client's key with my CA key on my Windows XP machine
> openssl ca -config /usr/local/ssl/openssl.cnf -in client.crs -out
> client.crs.pem -keyfile ca.key
> 
> Note: Now, I have a file called client.crs.pem, which is the 
> signed public
> key. It needs to be converted to a format suitable for the 
> JDK's keytool
> command, and then save it to floppy and import into clienttestkeys
> keystore on the linux box.
> 
> .8 Convert to DER format
> openssl x509 -in client.crs.pem -out client.crs.der -outform DER
> 
> .9 Import CA certificate (ca.crt) into client's keystore
> keytool -keystore clienttestkeys -alias client_ca -import ca.crt
> 
> .10 Import client's signed key into clients' key store
> keytool -keystore clienttestkeys -alias client -import -file
> client.crs.der
> 
> Then, I execute steps 4-9 on the Windows XP for the tomcat server.
> Since the certificate authority is on the Windows XP machine, 
> I perform
> all of these steps on the same machine. This time, I substitute the
> word tomcat everywhere you see client.
> *************************************************
> 
> After I do this, I run Jmeter and it still gives me "Is 
> Server Trusted?"
> and the GIU tells me NON HTTP Response Code.
> 
> Next, since Jmeter looks for the default ".keystore" file on 
> my linux box
> under the user directory which happens to be /root/.keystore, I create
> this file by copying my clienttestkeys to the /root directory and
> renaming it to ".keystore".
> 
> Next, since Jmeter uses the default truststore cacerts file, I have
> to import Certificate Authority (ca.crt) file that I created on the
> Windows XP machine to the cacerts keystore on my linux box. So, I
> copy ca.crt to floppy and bring it to my linux box. I do the following
> to import to cacert keystore. I do this in the same directory as
> my cacerts file.
> keytool -import -file ca.crt -trustcacerts -keystore cacerts 
> -storepass changeit
> 
> Note: I have used "changeit" for the password for all of these steps.
> 
> Now, I try my test, and Jmeter still asks me "Is Server Trusted?".
> 
> Next, I  import my tomcat certifate into the cacerts file by doing the
> following
> keytool -import -file tomcat.crs.der -trustcacerts -keystore cacerts
> -storepass changeit
> 
> Now, I try my test, and Jmeter still asks me "Is Server Trusted?"
> 
> 
> I am really not sure how I am supposed to use HTTPS, but if anyone
> has suggestions or instructions, please let me know.
> 
> 
> Regards,
> Tony
> 
> 
> --
> To unsubscribe, e-mail:   
<mailto:jmeter-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail:
<mailto:jmeter-user-help@jakarta.apache.org>



--
To unsubscribe, e-mail:   <mailto:jmeter-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:jmeter-user-help@jakarta.apache.org>


Mime
View raw message