Menu
Is it possible to test client side SSL certificates with Selenium and any browser? E.g. Can you create a web driver and give dummy certificates for it? Or use a prepared Firefox profile?
587
We can handle SSL certificate in Firefox with the help of the Selenium webdriver by using the FirefoxProfile class. Then setting the parametersetAcceptUntrustedCertificates to true. A SSL is a protocol followed to create a secure connection between the client (browser) and the server.
setProperty("webdriver. ie. driver","IEDriverServer.exe"); WebDriver driver = new InternetExplorerDriver(capabilities); The above code will help to handle SSL certificate error in IE.
Creating Selenium Firefox test profile for SSL client-side certificates
You need to prepare Selenium's WebDriver Firefox profile which has client certificates imported in.
First you launch WebDriver with the following configuration in your test code:
# Pre-seeded Firefox profile directory
profile_directory = os.path.join(os.path.dirname(__file__), "..", "..", "certs", "firefox-client-ssl-profile")
self.assertTrue(os.path.exists(profile_directory))
profile = FirefoxProfile(profile_directory)
# Make sure the client side certificate selection does not interrupt the test
# XXX: What happens in other language versions?
profile.set_preference("security.default_personal_cert", "Select Automatically")
self.driver = WebDriver(firefox_profile=profile)
self.selenium_helper = SeleniumHelper(self, self.driver)
self.selenium_helper.driver = self.driver
Start unit tests and drive them to the point Zope test server is up. Stop tests with "import pdb ; pdb.set_trace()"
You should now have a Selenium's "WebDriver" Firefox instance on your screen.
Import your client side certificate. Preferences > Advanced > Encryption > View certificates. Import "client.p12" from your client-side certificate supply.
Visit in the URL triggering the client-side certificate dialog in Webdriver's Firefox::
https://yourservevr/triggers-client-side-certificate-ssl-handshake
This should prompt you to accept the client side certificate against the test server. Accept everything manually.
Visit in menu Help > Troubleshooting Information > Application Basics > Show in Finder. This opens the temporary directory holding Webdriver's active profile files.
Copy Firefox profile files cert8.db and key3.db to your unit test package
WebDriver's Firefox profile's seed folder. This is the folder where Selenium picks seeds for
Firefox web driver when the test starts firefox-client-ssl-profile.
Interrupt the tests. Restart the tests. Run until the pause again. In Webdriver's Firefox see in the settings that it now contains the certificates you did approve on the last run in Preferences > Advanced > Encryption > View certificates.
More info
https://trac.macports.org/wiki/howto/MAMP
https://support.mozilla.org/en-US/questions/824255
http://wiki.apache.org/httpd/DebuggingSSLProblems#Finding_out_what_caused_a_handshake_to_fail
http://www.openssl.org/docs/apps/s_client.html
https://omni.tenderapp.com/kb/omni-certificate-authorities/importing-pkcs12-certificates-in-keychain-for-safarichrome-in-mac-os-x
http://support.mozilla.org/en-US/kb/Recovering%20important%20data%20from%20an%20old%20profile#w_security-certificate-settings """
88
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With