openssl req -new -out output.pem -key my_key.pem -days 9999 -x509 -config openssl.cnf
There's also a way to do this with the java "keytool" application.
If you purchased your SSL certificate from Verisign or Thawte, then it should be automatically trusted by the "trust file" within the JVM (Sun seems to ship JVMs with certs from these two suppliers). If you created your own certificate, you'll need to import that cert into cacerts.
1. Find the trusted file "cacerts" in your JRE, e.g.
find /java_install -name "cacerts"
2. Copy that file to a backup
cp cacerts cacerts.bak
3. Install your certificate into the trust file (note: the file cacerts
ships from Sun with password "changeit")
keytool -import -alias <mycompany> -file mycert.pem -keystore $JAVA_HOME/jre/lib/security/cacerts
4. Verify that your cert was imported:
keytool -list -keystore $JAVA_HOME/jre/lib/security/cacerts
2. You must enable SSL support (i.e., support for URLs that start with
"https") in your test rig's JVM. Some environments like Weblogic offer native
SSL support, which is fast compared to pure java. For Weblogic, set the
property weblogic.security.ssl.enable=true in the config file and just start
using URLs like "https://myhost". Also, there is at least one free
SSL implementation in java.
1. Add the three key jars to your JVM's "ext" (extentions) directory;
cp jcert.jar jnet.jar jsse.jar $JAVA_HOME/jre/lib/ext/
2. After the jars are in place, you must modify the file "java.security"
to allow usage of the providers found within the jars. Find the file
find $JAVA_HOME -name "java.security"
3. Add the following line to the file java.security:
Then start using URLs like "https://myhost" within the test rig.
The HTTPS protocol will automatically cause new provider classes within
the extention jars to be employed for a java.net.URL class and its related
connections. Note that you should NOT add these jars to the CLASSPATH.
Javax jars are accessed by the JVM by their inclusion in the magic "ext"
See how to make your certificate trusted.
Compiled 12 Mar 2001 by larry hamel. Please post corrections/comments to the httpunit discussion list.