Skip to main content

Handling Untrusted SSL certificates in Firefox browser

Firstly, WHAT IS SSL CERTIFICATE ?

SSL is used to keep sensitive information which is sent across the Internet encrypted so that only the intended recipient understand it. This is important because, the information that we send on the internet is passed from one system to other system to the destination server.
If it is not encrypted with an SSL certificate, any computer in between you and the destination server can see your private information such as credit card numbers, usernames, passwords and other sensitive information.
When an SSL certificate is used, the information will be encrypted and it will ensure that you are sending information to the right server and not to a criminal’s server.

WHEN DO WE GET UNTRUSTED CONNECTION ERROR

When ever you try to visit a website whose web address starts with https, your communication with this site is encrypted to ensure your privacy. Before starting the encrypted communication the website, you will be presented with a "certificate" to identify itself.
The certificate helps to determine whether the site you are visiting is actually the site that it claims to be. If there is any problem with the certificate, you will see an alert saying 'This Connection Is Untrusted'. What it means is that browser (Firefox/Chrome etc) isn't able to verify the identity of the website, there cab be several problems which can cause browser to reject a certificate.
This is how the error looks like :
handle SSL certificates with selenium
The below are the common errors that we see :

1. Certificate will not be valid until (date)

Error code: sec_error_expired_issuer_certificate
This error can occur if our system clock has the wrong date, check error message which will be in the past. We can fix this problem, by setting system clock to current date.

2. Certificate expired on (date)

Error code: sec_error_expired_certificate
This error occurs when a website identity certification has expired. This can also occur if system clock has the wrong date. We can fix this problem, by setting system clock to current date.

3. Certificate is only valid for (site name)

Error code: ssl_error_bad_cert_domain
This error says that the identification sent to you by the site is actually for another site. While anything you send would be safe from eavesdroppers , the recipient may not be the same who you think it is.
The above listed errors are the common errors, you may come across other errors which actually depends on the websites that you access.
Now Let us see how to handle SSL Untrusted Connection and Accept with Selenium webdriver. Let me try to do with Firefox browser first and then we will go with other browsers.
We will create new firefox profile and set 'setAcceptUntrustedCertificates' as true and setAssumeUntrustedCertificateIssuer as false.
package com.example;

import org.openqa.selenium.By;
import org.openqa.selenium.WebDriver;
import org.openqa.selenium.WebElement;
import org.openqa.selenium.firefox.FirefoxDriver;
import org.openqa.selenium.firefox.FirefoxProfile;
import org.testng.Assert;
import org.testng.annotations.AfterClass;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;

public class SSLExample {
 
 private WebDriver driver;

 @BeforeClass
 public void setUp() {
  //Creating new Firefox profile
  FirefoxProfile profile = new FirefoxProfile();
  profile.setAcceptUntrustedCertificates(true); 
  profile.setAssumeUntrustedCertificateIssuer(false);
  driver = new FirefoxDriver(profile); 
  driver.manage().window().maximize();
 }
 
 @Test
 public void openApplication() {
  System.out.println("Navigating application");
  driver.get("https://cacert.org/");
  WebElement headingEle = driver.findElement(By.cssSelector(".story h3"));
  //Validate heading after accepting untrusted connection
  String expectedHeading = "Are you new to CAcert?";
  Assert.assertEquals(headingEle.getText(), expectedHeading);
 }
 
 @AfterClass
 public void tearDown() {
  if(driver!=null) 
   driver.quit();
 }
 
}
Done. You have now accepted the SSL Certificate with Selenium webdriver.
Labels:

Comments

Post a Comment

Popular posts from this blog

JMeter Exceeded Maximum Number of Redirects Error Solution

While running performance test, JMeter allows maximum 5 redirects by default. However, if your system demands more than 5 redirects, it may result in JMeter exceeded maximum number of redirects error. In this post, we have listed down steps to overcome this error. Actual error in JMeter: Response code: “Non HTTP response code: java.io.IOException” Response message: “Non HTTP response message: Exceeded maximum number of redirects: 5” This error is noticed because  JMeter  allows maximum 5 redirects by default and your system may be using more than 5 redirects. You need to increase this count to more than 5 in jmeter.properties file. Follow below steps to achieve this. Navigate to /bin directory of your JMeter installation. Locate jmeter.properties file and open it in any editor. Search for “httpsampler.max_redirects” property in opened file. Uncomment the above property by removing # before it. Change to value to more than 5 Eg. 20. Save the file and restart JMeter. If
Post a Comment
Read more

SSO with SAML login scenario in JMeter

SAML(Security Assertion Markup Language) is increasingly being used to perform single sign-on(SSO) operations. As WikiPedia puts it, SAML is an XML-based open standard data format for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. With the rise in use of SAML in web applications, we may need to handle this in JMeter. This step-by-step tutorial shows SAML JMeter scenario to perform login operation. First request from JMeter is a GET request to fetch Login page. We need to fetch two values ‘SAMLRequest’ and ‘RelayState’ from the Login page response data. We can do this by using  Regular Expression Extractor . These two values need to be sent in POST request to service provider. Refer below image to see how to do this. We will get an HTML login page as a response to the request sent in 1st step. We need to fetch values of some hidden elements to pass it in the next request. We can do this b
Post a Comment
Read more

A Tutorial to Send Email using JMeter

Sending email is a mundane activity in any professional’s life. It’s a common medium for communication nowadays. Therefore performance testing of email server is not only important but necessary for an organization. JMeter can be helpful to perform load testing in such scenarios. In this tutorial, we will see how JMeter can be used to send email. We will use SMTP Sampler of JMeter to send an email. JavaMail API is needed to enable email functionality in JMeter. Download it from  here  and paste the jar in JMeter’s lib folder. Now, perform below steps to configure SMTP Sampler. Add a new Thread Group under Test Plan. Right click on Thread Group and select Add–>Sampler–>SMTP Sampler. We need to populate SMTP server’s details in this sampler. We will use GMail for sending an email. For this, enter these values in SMTP Sampler fields. Server: smtp.googlemail.com, Port: 587. Provide values in Email Address From and To fields of Mail Settings section to specify sender and reci
Post a Comment
Read more