jmeter-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Lemuel Typhair" <>
Subject RE: Is Server Trusted?
Date Thu, 26 Sep 2002 19:35:49 GMT
you need to add the jsse jars to the jmeter lib dir.



> -----Original Message-----
> From: Antonio Vaughn []
> Sent: Thursday, September 26, 2002 2:36 PM
> To:
> Subject: Is Server Trusted?
> Has anyone been able to make HTTPS work in jmeter?
> If so, please tell me how you accomplished this.
> I always receive the "Is Server Trusted?" message after
> it prompts me for my keystore password.
> I have used openssl0.9.6b for Windows to become my own certificate
> authority. I am using jdk1.4.1, unstable Jmeter version 1.7.3 running
> on a Mandrake 8.1 Linux Box, and tomcat 4.0.3.
> My certificate authority is installed on the same Windows XP 
> machine as
> the tomcat server. Jmeter is installed on my lLnux box as 
> well as jdk1.4.1
> for Mandrake linx.
> I have used the following procedure to become my
> own certificate authority.
> ***********************************************
> .1 Generate the CA(Certificate Authority) key
> openssl genrsa -rand -des -out ca.key 1024
> .2 Create a self signed certificate
> openssl req -new -x509 -day 365 -key ca.key -out ca.crt
> .3 Prompted for location information for the ca.crt certificate.
> I enter information for every field. For the name of the certificate I
> use certificate authority.
> .4 Setup the OpenSSL CA tools
> mkdir demoCA
> mkdir demoCA/newcerts
> create a empty demoCA/index.txt file
> copy ca.crt to demoCA directory
> echo 01 > demoCA/serial directory
> Note:
> Now, create the client application's key store and export its 
> public key
> so my own CA can sign it. I enter information for all of the fields,
> using the same organization and organization unit information 
> as for the
> certificate authority. I also use a different name then the 
> certificate
> authority. For the name of the certificate, I use Tomcat Tomcat.
> .5 Create a new key store for the client application. I use keytool on
> my linux box to create the keystore
> keytool -keystore clienttestkeys -genkey -alias client
> .6 Export the client's public key on my linux box
> keytool -keystore clienttestkeys -certreq -alias client -file 
> Note: Now, I save it to a floppy, and then I take it to my Windows XP
> machine where the certificate authority is installed.
> .7 Sign the client's key with my CA key on my Windows XP machine
> openssl ca -config /usr/local/ssl/openssl.cnf -in -out
> -keyfile ca.key
> Note: Now, I have a file called, which is the 
> signed public
> key. It needs to be converted to a format suitable for the 
> JDK's keytool
> command, and then save it to floppy and import into clienttestkeys
> keystore on the linux box.
> .8 Convert to DER format
> openssl x509 -in -out -outform DER
> .9 Import CA certificate (ca.crt) into client's keystore
> keytool -keystore clienttestkeys -alias client_ca -import ca.crt
> .10 Import client's signed key into clients' key store
> keytool -keystore clienttestkeys -alias client -import -file
> Then, I execute steps 4-9 on the Windows XP for the tomcat server.
> Since the certificate authority is on the Windows XP machine, 
> I perform
> all of these steps on the same machine. This time, I substitute the
> word tomcat everywhere you see client.
> *************************************************
> After I do this, I run Jmeter and it still gives me "Is 
> Server Trusted?"
> and the GIU tells me NON HTTP Response Code.
> Next, since Jmeter looks for the default ".keystore" file on 
> my linux box
> under the user directory which happens to be /root/.keystore, I create
> this file by copying my clienttestkeys to the /root directory and
> renaming it to ".keystore".
> Next, since Jmeter uses the default truststore cacerts file, I have
> to import Certificate Authority (ca.crt) file that I created on the
> Windows XP machine to the cacerts keystore on my linux box. So, I
> copy ca.crt to floppy and bring it to my linux box. I do the following
> to import to cacert keystore. I do this in the same directory as
> my cacerts file.
> keytool -import -file ca.crt -trustcacerts -keystore cacerts 
> -storepass changeit
> Note: I have used "changeit" for the password for all of these steps.
> Now, I try my test, and Jmeter still asks me "Is Server Trusted?".
> Next, I  import my tomcat certifate into the cacerts file by doing the
> following
> keytool -import -file -trustcacerts -keystore cacerts
> -storepass changeit
> Now, I try my test, and Jmeter still asks me "Is Server Trusted?"
> I am really not sure how I am supposed to use HTTPS, but if anyone
> has suggestions or instructions, please let me know.
> Regards,
> Tony
> --
> To unsubscribe, e-mail:   
For additional commands, e-mail:

To unsubscribe, e-mail:   <>
For additional commands, e-mail: <>

View raw message