Reputation:
Maven Selenium HTTPS
I am testing my web application's security and all of my pages are served over ssl. The issue I am having is the certificate is not trusted as firefox starts in a new profile each time. I was reading on OpenQA's site about a jar and importing the certificate, but that is only for Internet Explorer and Firefox should automatically be handled.
Is there anything special I need to do in order for certificates to automatically be trusted?
Thanks, Walter
Upvotes: 1
Views: 1743
Answers (5)
Reputation: 2213
I've put together an example that shows how to use Selenium to test HTTPS endpoints -- without ignoring certificate validation errors. It shows how to setup the selenium clients with trusted root CAs that can be used to validate the server certificates presented by the HTTPS endpoints being tested. See https://github.com/JeNeSuisPasDave/Selenium-and-TLS
This example uses Python, but the code that interacts with the Selenium WebDriver should be easily tranlated to Java. The example demonstrates Chrome and Firefox Selenium nodes.
Upvotes: 0
Reputation: 2319
This can be done by starting up the Selenium server with the '-trustAllSSLCertificates' and configuring the browser to use the Selenium server as a proxy. Depending on how you set up Firefox, you can either use a custom profile to set up the proxy settings or use a custom browser launcher that can set that up for you.
I wrote up an article that goes into more details with some code samples:
http://mogotest.com/blog/2010/04/13/how-to-accept-self-signed-ssl-certificates-in-selenium
Hopefully that helps you out.
Upvotes: 0
Reputation:
I am using HtmlUnit instead and while it does not really test browser compatibility, it does help ensure stuff works.
Walter
Upvotes: 0
Reputation: 7451
Create a new blank Firefox profile, accept the cert, and then use that as your profile.
Instructions here: http://townx.org/blog/elliot/dealing-self-signed-ssl-certificates-when-running-selenium-server-firefox
I realize you are using Maven, but in Ant you would:
<target name="selenium" description="Runs the QA Selenium HTML test suite">
<mkdir dir="build/reports/selenium"/>
<java jar="${selenium.dir}/selenium-server.jar" fork="true" spawn="false">
<arg value="-htmlSuite"/>
<arg value="*chrome"/>
<arg value="${selenium.browser.url}"/>
<arg value="selenium-test/testSuite.html"/>
<arg value="build/reports/selenium"/>
<arg value="-firefoxProfileTemplate"/>
<arg value="selenium-test/sslSupport"/>
<arg value="-trustAllSSLCertificates"/>
<arg value="-timeout"/>
<arg value="300000"/>
</java>
</target>
I put the Firefox profile under selenium-test/sslSupport, selenium.dir is where selenium is installed, and selenium.browser.url is the URL to start the test at.
Upvotes: 3
Reputation: 8223
You can install the RCE (Remember Certificate Exception) Firefox add-on To a custom firefox profile, which will then accept all unknown certificates when they are encountered. You will need to modify any waitForPageToLoad commands though so that they allow for the certificate to be accepted. In my setup (Java/TestNG/Selenium RC) I have a waitForUnsecuredPageToLoad method that checks to see if the title of the loaded page is the certificate warning page, and if so I waitForPageToLoad again. It works well and is cross browser safe.
Upvotes: 1
Related Questions
- Add ssl certificate to selenium-webdriver
- What is the correct way of forcing maven to use HTTPS for maven central?
- Selenium (Chrome) and BrowserMob doesn't work for https
- Force m2e to use http instead of https
- How to configure Maven to use HTTPS when connecting to repo.maven.apache.org
- https login request - selenium webdriver
- Firefox selenium webdriver gives "Insecure Connection"
- Selenium and HTTPS/SSL
- Use a secure maven repository over https
- Selenium - website's security certificate