Skip to main content

Handling Untrusted SSL certificates in Firefox browser

Firstly, WHAT IS SSL CERTIFICATE ?

SSL is used to keep sensitive information which is sent across the Internet encrypted so that only the intended recipient understand it. This is important because, the information that we send on the internet is passed from one system to other system to the destination server.
If it is not encrypted with an SSL certificate, any computer in between you and the destination server can see your private information such as credit card numbers, usernames, passwords and other sensitive information.
When an SSL certificate is used, the information will be encrypted and it will ensure that you are sending information to the right server and not to a criminal’s server.

WHEN DO WE GET UNTRUSTED CONNECTION ERROR

When ever you try to visit a website whose web address starts with https, your communication with this site is encrypted to ensure your privacy. Before starting the encrypted communication the website, you will be presented with a "certificate" to identify itself.
The certificate helps to determine whether the site you are visiting is actually the site that it claims to be. If there is any problem with the certificate, you will see an alert saying 'This Connection Is Untrusted'. What it means is that browser (Firefox/Chrome etc) isn't able to verify the identity of the website, there cab be several problems which can cause browser to reject a certificate.
This is how the error looks like :
handle SSL certificates with selenium
The below are the common errors that we see :

1. Certificate will not be valid until (date)

Error code: sec_error_expired_issuer_certificate
This error can occur if our system clock has the wrong date, check error message which will be in the past. We can fix this problem, by setting system clock to current date.

2. Certificate expired on (date)

Error code: sec_error_expired_certificate
This error occurs when a website identity certification has expired. This can also occur if system clock has the wrong date. We can fix this problem, by setting system clock to current date.

3. Certificate is only valid for (site name)

Error code: ssl_error_bad_cert_domain
This error says that the identification sent to you by the site is actually for another site. While anything you send would be safe from eavesdroppers , the recipient may not be the same who you think it is.
The above listed errors are the common errors, you may come across other errors which actually depends on the websites that you access.
Now Let us see how to handle SSL Untrusted Connection and Accept with Selenium webdriver. Let me try to do with Firefox browser first and then we will go with other browsers.
We will create new firefox profile and set 'setAcceptUntrustedCertificates' as true and setAssumeUntrustedCertificateIssuer as false.
package com.example;

import org.openqa.selenium.By;
import org.openqa.selenium.WebDriver;
import org.openqa.selenium.WebElement;
import org.openqa.selenium.firefox.FirefoxDriver;
import org.openqa.selenium.firefox.FirefoxProfile;
import org.testng.Assert;
import org.testng.annotations.AfterClass;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;

public class SSLExample {
 
 private WebDriver driver;

 @BeforeClass
 public void setUp() {
  //Creating new Firefox profile
  FirefoxProfile profile = new FirefoxProfile();
  profile.setAcceptUntrustedCertificates(true); 
  profile.setAssumeUntrustedCertificateIssuer(false);
  driver = new FirefoxDriver(profile); 
  driver.manage().window().maximize();
 }
 
 @Test
 public void openApplication() {
  System.out.println("Navigating application");
  driver.get("https://cacert.org/");
  WebElement headingEle = driver.findElement(By.cssSelector(".story h3"));
  //Validate heading after accepting untrusted connection
  String expectedHeading = "Are you new to CAcert?";
  Assert.assertEquals(headingEle.getText(), expectedHeading);
 }
 
 @AfterClass
 public void tearDown() {
  if(driver!=null) 
   driver.quit();
 }
 
}
Done. You have now accepted the SSL Certificate with Selenium webdriver.
Labels:

Comments

Post a Comment

Popular posts from this blog

A Tutorial to Send Email using JMeter

Sending email is a mundane activity in any professional’s life. It’s a common medium for communication nowadays. Therefore performance testing of email server is not only important but necessary for an organization. JMeter can be helpful to perform load testing in such scenarios. In this tutorial, we will see how JMeter can be used to send email. We will use SMTP Sampler of JMeter to send an email. JavaMail API is needed to enable email functionality in JMeter. Download it from  here  and paste the jar in JMeter’s lib folder. Now, perform below steps to configure SMTP Sampler. Add a new Thread Group under Test Plan. Right click on Thread Group and select Add–>Sampler–>SMTP Sampler. We need to populate SMTP server’s details in this sampler. We will use GMail for sending an email. For this, enter these values in SMTP Sampler fields. Server: smtp.googlemail.com, Port: 587. Provide values in Email Address From and To fields of Mail Settings section to specify sender...
Post a Comment
Read more

JMeter Exceeded Maximum Number of Redirects Error Solution

While running performance test, JMeter allows maximum 5 redirects by default. However, if your system demands more than 5 redirects, it may result in JMeter exceeded maximum number of redirects error. In this post, we have listed down steps to overcome this error. Actual error in JMeter: Response code: “Non HTTP response code: java.io.IOException” Response message: “Non HTTP response message: Exceeded maximum number of redirects: 5” This error is noticed because  JMeter  allows maximum 5 redirects by default and your system may be using more than 5 redirects. You need to increase this count to more than 5 in jmeter.properties file. Follow below steps to achieve this. Navigate to /bin directory of your JMeter installation. Locate jmeter.properties file and open it in any editor. Search for “httpsampler.max_redirects” property in opened file. Uncomment the above property by removing # before it. Change to value to more than 5 Eg. 20. Save the file and restart JMet...
Post a Comment
Read more

Difference Between Redirect Automatically and Follow Redirects in JMeter

In this post, we will highlight important difference between Redirect Automatically and Follow Redirects options. These options are found in HTTP Request sampler of JMeter. Knowing the difference will help you decide your performance test strategy. When you check Redirect Automatically option, JMeter will not consider redirect as separate HTTP request. This in turn may result as lower response time in your overall performance test. Whereas Follow Redirect option will consider each redirection as separate requests. This may result in comparatively higher response time. This only has any effect if “Redirect Automatically” is not enabled. To see the difference between these two, record a sample script and run it by checking Redirect Automatically and Follow Redirects option. The second option will generate more requests in your result listener. As you can see from the above post, knowing the difference between Redirect Automatically and Follow Redirects option makes difference i...
Post a Comment
Read more