Strange problem with some https sites, certificates not accepted
17 views
Skip to first unread message
Georg Horn
Dec 8, 2017, 2:23:25 PM12/8/17
to Selenium Remote Driver
Hi,
this is not S::R::D:: specific, but i dont know where to ask else...
i have a special firefox profile that i use for testing with Selenium. If i start the browser manually with "firefox -p", select the testing profile and vist for example https://wob.deutsche-bank.de/trxm/logout/pbc/logout_pbc.html everything is fine. But if i load this page in my test script, it shows me the page saying that the site is not safe because it does not know the issuer of the certificate. Indeed, if i go to about:preferences#advanced and watch the installed certs the issuer of the cert is not present. In the original profile it is!
As selenium and/or geckodriver create a copy of the original profile folder for each run, it seems as if some of the certification authorities are removed in that step. WTF? Does anybody have an idea if this behavior can be stopped? Or what else could i do?
this is not S::R::D:: specific, but i dont know where to ask else...
i have a special firefox profile that i use for testing with Selenium. If i start the browser manually with "firefox -p", select the testing profile and vist for example https://wob.deutsche-bank.de/trxm/logout/pbc/logout_pbc.html everything is fine. But if i load this page in my test script, it shows me the page saying that the site is not safe because it does not know the issuer of the certificate. Indeed, if i go to about:preferences#advanced and watch the installed certs the issuer of the cert is not present. In the original profile it is!
As selenium and/or geckodriver create a copy of the original profile folder for each run, it seems as if some of the certification authorities are removed in that step. WTF? Does anybody have an idea if this behavior can be stopped? Or what else could i do?
Georg Horn
Dec 18, 2017, 8:04:56 AM12/18/17
to Selenium Remote Driver
I solved this by creating the Selenium::Remote::Driver instance with:
Not really nice but it works...
$driver = Selenium::Remote::Driver->new(
'extra_capabilities' => { 'acceptInsecureCerts' => JSON::true }
);Not really nice but it works...
George Baugh
Dec 18, 2017, 8:57:06 PM12/18/17
to Selenium Remote Driver
In general when testing with selenium, I disable cert verify. This is because it's the wrong tool for the job when it comes to testing SSL on a site.
OpenSSL and GNUTLS both have better tools for doing this; If you are checking things like SSL redirects, reach for LWP instead. As to checking for mixed content, you can do that whether or not the cert is valid in WebDriver.
OpenSSL and GNUTLS both have better tools for doing this; If you are checking things like SSL redirects, reach for LWP instead. As to checking for mixed content, you can do that whether or not the cert is valid in WebDriver.
Reply all
Reply to author
Forward
0 new messages