How to deal with certificates using Python Selenium
How can I deal with the web application for which HTTPS is enabled with self-signed certificates? – This is a common scenario we face as testers in our test execution. A self-signed certificate is enough to establish a secure HTTPS connection, although browsers will complain that the certificate is self-signed and not trusted. However it is great for development and testing purposes. In this article, we are going to experiment working with ‘HTTPS’ web application.
What is Certificate?
When you visit a website whose web address starts with https, your browser communication with the site is encrypted to help ensure data privacy. Before starting the encrypted communication, the website will present browser with a certificate to identify itself. Browser will validate the website’s certificate by checking that the certificate that signed it is valid, and checking that the certificate that signed the parent certificate is valid and so forth up to a root certificate that is known to be valid( Usually called Certificate Hierarchy ).
Why there is going to be a Certificate Error?
If the certificate presented by server cannot be validated or if the encryption is not strong enough, browsers will stop the connection to the website and show you an error page with the message “Your connection is not secure”
This can happen in many scenarios,
- Certificate does not come from a trusted source
- The certificate will not be valid until date
- The certificate expired on date
- The issuer certificate is unknown and hence it is not trusted
- The certificate is not trusted because it is self-signed
- Given certificate is only valid for particular site name
- Corrupted certificate store
Why we get this error in our Test Environment?
Certificates are costly and may not be used for test environments. Most of the times, to test web applications over https, self-signed certificates are used. And due to the fact that ‘self signed certificates are not trusted’ by browsers, we get the error in our test environment while executing test scripts.
How to handle this error in Selenium?
There are many different ways we can solve this problem and the solution depends on the browser.
Firefox Browser – Method 1:
You can set ‘accept_untrusted_certs‘ value in FirefoxProfile() option to True.
from selenium import webdriver profile = webdriver.FirefoxProfile() profile.accept_untrusted_certs = True driver = webdriver.Firefox(firefox_profile=profile) driver.get('https://url') print(driver.title) driver.close()
Firefox Browser – Method 2:
You could use DesiredCapabilities to set ‘acceptInsecureCerts‘ capability to True (Note: This should work for all browsers since it is a generic read/write capability)
from selenium import webdriver from selenium.webdriver.common.desired_capabilities import DesiredCapabilities desired_capabilities = DesiredCapabilities.FIREFOX.copy() desired_capabilities['acceptInsecureCerts'] = True driver = webdriver.Firefox(capabilities=desired_capabilities) driver.get('https://url') print(driver.title) driver.close()
Chrome Browser – Method 1:
You can add ‘–ignore-certificate-errors‘ and ‘–allow-running-insecure-content‘ arguments to Chrome Options().
from selenium import webdriver from selenium.webdriver.chrome.options import Options options = Options() options.add_argument('--allow-running-insecure-content') options.add_argument('--ignore-certificate-errors') driver = webdriver.Chrome(chrome_options=options) driver.get('https://url') print(driver.title) driver.close()
Chrome Browser – Method 2:
You could use DesiredCapabilities to set ‘acceptInsecureCerts‘ capability to True (Note: This should work for all browsers since it is a generic read/write capability)
from selenium import webdriver from selenium.webdriver.common.desired_capabilities import DesiredCapabilities desired_capabilities = DesiredCapabilities.CHROME.copy() desired_capabilities['acceptInsecureCerts'] = True driver = webdriver.Chrome(desired_capabilities=desired_capabilities) driver.get('https://url') print(driver.title) driver.close()
Chrome Browser – Method 3:
This is also using DesiredCapabilities again; But we are going to use Options -> set_capability() method to set ‘acceptInsecureCerts‘ to True.
from selenium import webdriver from selenium.webdriver.chrome.options import Options options = Options() options.set_capability("acceptInsecureCerts", True) driver = webdriver.Chrome(chrome_options=options) driver.get('https://url') print(driver.title) driver.close()
Please let us know your thoughts in comment section. Stay tuned for more knowledge sharing articles!!!
4 Responses
This works, and works mostly overall.
But I am facing a problem with selenoid. It uses a docker image to host the browser and the chromedriver. The base image is debian (I think).
These lines of code do not work with these images for chrome version 79 and 80. They do work for version 78 and earlier.
I am going mad trying to make it work.
Thank you very much! Third method for Chrome browser solved my problem.
Thank you!
This is actually helpful, thanks.