How to deal with certificates using Python Selenium

How can I deal with the web application for which HTTPS is enabled with self-signed certificates? – This is a common scenario we face as testers in our test execution. A self-signed certificate is enough to establish a secure HTTPS connection, although browsers will complain that the certificate is self-signed and not trusted. However it is great for development and testing purposes. In this article, we are going to experiment working with ‘HTTPS’ web application.

What is Certificate?

When you visit a website whose web address starts with https, your browser communication with the site is encrypted to help ensure data privacy. Before starting the encrypted communication, the website will present browser with a certificate to identify itself. Browser will validate the website’s certificate by checking that the certificate that signed it is valid, and checking that the certificate that signed the parent certificate is valid and so forth up to a root certificate that is known to be valid( Usually called Certificate Hierarchy ).

Why there is going to be a Certificate Error?

If the certificate presented by server cannot be validated or if the encryption is not strong enough, browsers will stop the connection to the website and show you an error page with the message “Your connection is not secure”

This can happen in many scenarios,

• Certificate does not come from a trusted source
• The certificate will not be valid until date
• The certificate expired on date
• The issuer certificate is unknown and hence it is not trusted
• The certificate is not trusted because it is self-signed
• Given certificate is only valid for particular site name
• Corrupted certificate store

Why we get this error in our Test Environment?

Certificates are costly and may not be used for test environments. Most of the times, to test web applications over https, self-signed certificates are used. And due to the fact that ‘self signed certificates are not trusted’ by browsers, we get the error in our test environment while executing test scripts.

How to handle this error in Selenium?

There are many different ways we can solve this problem and the solution depends on the browser.

Firefox Browser – Method 1:

You can set ‘accept_untrusted_certs‘ value in FirefoxProfile() option to True.

from selenium import webdriver

profile = webdriver.FirefoxProfile()
profile.accept_untrusted_certs = True

driver = webdriver.Firefox(firefox_profile=profile)
driver.get('https://url')
print(driver.title)
driver.close()

Firefox Browser – Method 2:

You could use DesiredCapabilities to set ‘acceptInsecureCerts‘ capability to True (Note: This should work for all browsers since it is a generic read/write capability)

from selenium import webdriver
from selenium.webdriver.common.desired_capabilities import DesiredCapabilities

desired_capabilities = DesiredCapabilities.FIREFOX.copy()
desired_capabilities['acceptInsecureCerts'] = True

driver = webdriver.Firefox(capabilities=desired_capabilities)
driver.get('https://url')
print(driver.title)
driver.close()

Chrome Browser – Method 1:

You can add ‘–ignore-certificate-errors‘ and ‘–allow-running-insecure-content‘ arguments to Chrome Options().

from selenium import webdriver
from selenium.webdriver.chrome.options import Options

options = Options()
options.add_argument('--allow-running-insecure-content')
options.add_argument('--ignore-certificate-errors')

driver = webdriver.Chrome(chrome_options=options)
driver.get('https://url')
print(driver.title)
driver.close()

Chrome Browser – Method 2:

You could use DesiredCapabilities to set ‘acceptInsecureCerts‘ capability to True (Note: This should work for all browsers since it is a generic read/write capability)

from selenium import webdriver
from selenium.webdriver.common.desired_capabilities import DesiredCapabilities

desired_capabilities = DesiredCapabilities.CHROME.copy()
desired_capabilities['acceptInsecureCerts'] = True
driver = webdriver.Chrome(desired_capabilities=desired_capabilities)
driver.get('https://url')
print(driver.title)
driver.close()

Chrome Browser – Method 3:

This is also using DesiredCapabilities again; But we are going to use Options -> set_capability() method to set ‘acceptInsecureCerts‘ to True.

from selenium import webdriver
from selenium.webdriver.chrome.options import Options

options = Options()
options.set_capability("acceptInsecureCerts", True)

driver = webdriver.Chrome(chrome_options=options)
driver.get('https://url')
print(driver.title)
driver.close()

Please let us know your thoughts in comment section. Stay tuned for more knowledge sharing articles!!!