Yes they are. jre/lib/jsse.jar -Mike
On 26 Sep 2002 at 16:32, Antonio Vaughn wrote: > I haven't found the package for jcert.jar or jnet.jar on the sun > microsystems web site. > > Do you know which package I need from the sun site? It isn't > included in the jsdk1.4.1. > > Thanks > > > > On Thu, 26 Sep 2002, Lemuel Typhair wrote: > > > you need to add the jsse jars to the jmeter lib dir. > > > > jcert.jar > > jnet.jar > > jsse.jar > > > > thanks. > > > > > -----Original Message----- > > > From: Antonio Vaughn [mailto:[EMAIL PROTECTED]] > > > Sent: Thursday, September 26, 2002 2:36 PM > > > To: [EMAIL PROTECTED] > > > Subject: Is Server Trusted? > > > > > > > > > Has anyone been able to make HTTPS work in jmeter? > > > If so, please tell me how you accomplished this. > > > I always receive the "Is Server Trusted?" message after > > > it prompts me for my keystore password. > > > > > > I have used openssl0.9.6b for Windows to become my own certificate > > > authority. I am using jdk1.4.1, unstable Jmeter version 1.7.3 running > > > on a Mandrake 8.1 Linux Box, and tomcat 4.0.3. > > > > > > My certificate authority is installed on the same Windows XP > > > machine as > > > the tomcat server. Jmeter is installed on my lLnux box as > > > well as jdk1.4.1 > > > for Mandrake linx. > > > > > > I have used the following procedure to become my > > > own certificate authority. > > > > > > *********************************************** > > > .1 Generate the CA(Certificate Authority) key > > > openssl genrsa -rand -des -out ca.key 1024 > > > > > > .2 Create a self signed certificate > > > openssl req -new -x509 -day 365 -key ca.key -out ca.crt > > > > > > .3 Prompted for location information for the ca.crt certificate. > > > I enter information for every field. For the name of the certificate I > > > use certificate authority. > > > > > > .4 Setup the OpenSSL CA tools > > > mkdir demoCA > > > mkdir demoCA/newcerts > > > create a empty demoCA/index.txt file > > > copy ca.crt to demoCA directory > > > echo 01 > demoCA/serial directory > > > > > > Note: > > > Now, create the client application's key store and export its > > > public key > > > so my own CA can sign it. I enter information for all of the fields, > > > using the same organization and organization unit information > > > as for the > > > certificate authority. I also use a different name then the > > > certificate > > > authority. For the name of the certificate, I use Tomcat Tomcat. > > > > > > .5 Create a new key store for the client application. I use keytool on > > > my linux box to create the keystore > > > keytool -keystore clienttestkeys -genkey -alias client > > > > > > .6 Export the client's public key on my linux box > > > keytool -keystore clienttestkeys -certreq -alias client -file > > > client.crs > > > > > > Note: Now, I save it to a floppy, and then I take it to my Windows XP > > > machine where the certificate authority is installed. > > > > > > .7 Sign the client's key with my CA key on my Windows XP machine > > > openssl ca -config /usr/local/ssl/openssl.cnf -in client.crs -out > > > client.crs.pem -keyfile ca.key > > > > > > Note: Now, I have a file called client.crs.pem, which is the > > > signed public > > > key. It needs to be converted to a format suitable for the > > > JDK's keytool > > > command, and then save it to floppy and import into clienttestkeys > > > keystore on the linux box. > > > > > > .8 Convert to DER format > > > openssl x509 -in client.crs.pem -out client.crs.der -outform DER > > > > > > .9 Import CA certificate (ca.crt) into client's keystore > > > keytool -keystore clienttestkeys -alias client_ca -import ca.crt > > > > > > .10 Import client's signed key into clients' key store > > > keytool -keystore clienttestkeys -alias client -import -file > > > client.crs.der > > > > > > Then, I execute steps 4-9 on the Windows XP for the tomcat server. > > > Since the certificate authority is on the Windows XP machine, > > > I perform > > > all of these steps on the same machine. This time, I substitute the > > > word tomcat everywhere you see client. > > > ************************************************* > > > > > > After I do this, I run Jmeter and it still gives me "Is > > > Server Trusted?" > > > and the GIU tells me NON HTTP Response Code. > > > > > > Next, since Jmeter looks for the default ".keystore" file on > > > my linux box > > > under the user directory which happens to be /root/.keystore, I create > > > this file by copying my clienttestkeys to the /root directory and > > > renaming it to ".keystore". > > > > > > Next, since Jmeter uses the default truststore cacerts file, I have > > > to import Certificate Authority (ca.crt) file that I created on the > > > Windows XP machine to the cacerts keystore on my linux box. So, I > > > copy ca.crt to floppy and bring it to my linux box. I do the following > > > to import to cacert keystore. I do this in the same directory as > > > my cacerts file. > > > keytool -import -file ca.crt -trustcacerts -keystore cacerts > > > -storepass changeit > > > > > > Note: I have used "changeit" for the password for all of these steps. > > > > > > Now, I try my test, and Jmeter still asks me "Is Server Trusted?". > > > > > > Next, I import my tomcat certifate into the cacerts file by doing the > > > following > > > keytool -import -file tomcat.crs.der -trustcacerts -keystore cacerts > > > -storepass changeit > > > > > > Now, I try my test, and Jmeter still asks me "Is Server Trusted?" > > > > > > > > > I am really not sure how I am supposed to use HTTPS, but if anyone > > > has suggestions or instructions, please let me know. > > > > > > > > > Regards, > > > Tony > > > > > > > > > -- > > > To unsubscribe, e-mail: > > <mailto:[EMAIL PROTECTED]> > > For additional commands, e-mail: > > <mailto:[EMAIL PROTECTED]> > > > > > > > > -- > > To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> > > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> > > > > > -- > To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> > -- Michael Stover [EMAIL PROTECTED] Yahoo IM: mstover_ya ICQ: 152975688 -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
