How To Handle SSL Certificates In Selenium Webdriver In Chrome?

How To Handle Ssl Certificates In Selenium Webdriver In Chrome?

How To Handle Ssl Certificates In Selenium Webdriver In Chrome? -Before we get into the topic, we would like to explain some basic concept behind this. Let’s see one by one in detail.

What is an SSL Certificate?

SSL (Secure Sockets Layer) is a standard security protocol for establishing a secure connection between a server and a browser client.

Using a strong encryption standard or a digital signature, an SSL (Secure Socket Layer) Certificate provides secure data translation between the server and client application. One has to install an SSL certificate or a code signing certificate.

Benefits of SSL Certificate

The use of an SSL certificate has a variety of advantages, including the following:

To accelerate the growth of a firm, one can boost the trust of their users and customers.
These certificates aid in the security of online transactions and sensitive consumer information such as credit card/debit card data, among other things.
The signing certificate is the one that gets the most downloads and positive feedback from users.

SSL-secured websites begin with HTTPS://, and if the connection is secure, you’ll see a lock icon or a green address bar.

For example, if you wish to do a net banking transaction or buy a mobile phone from an e-commerce site like Flipkart or Amazon.

What occurs when a web browser and a server interact?

A browser tries to connect to an SSL-protected website. The browser asks the webserver to verify its identity.
The server provides a copy of its SSL certificate to the browser.
The browser checks to see if the SSL certificate is valid. If this is the case, it will send a message to the server.
To begin an SSL encrypted session, the server responds with a digitally signed acknowledgment.
The server and the browser both have access to the encrypted data.

You’ll need to send sensitive information like credit card numbers or login passwords, which must be sent securely to avoid being hacked or intercepted.

How Does the SSL Certificate Create a Secure Connection?

The server receives an HTTPS request from the browser.
Now the Server must provide some form of identification to the
The browser for it to be trusted. This is accomplished by sending the browser a copy of the SSL certificate.
Each browser has its own list of trusted certificate authorities. The browser compares the certificate root to its list of trusted CAs to ensure that the certificate is legitimate for the website it is connecting to, that it is not expired or revoked, and that the common name is correct.
A secure session is established between the server and the browser if the browser trusts the certificate.
Both the server and the browser have the ability to transmit encrypted messages.

Types of SSL Certificates

The browser and the server use the SSL Certificate mechanism to be able to establish a secure connection. This connection involves the verification of three types of certificates.

Root
Intermediate
Server Certificate

Process of getting SSL Certificate

The steps for obtaining an SSL certificate are as follows:-

To begin, you must first construct a CSR (Certificate Signing Request).
CSR requests generate a CSR data file, which is then transmitted to a CA, which is an SSL certificate issuer (Certificate Authority).
The CSR data files are used by the CA to create an SSL certificate for your server.
You must install the SSL certificate on your server after getting it.
You’ll also need to install an intermediate certificate, which connects your SSL certificate to the root certificate of the CA.

The three certificates—Root, Intermediate, and Server Certificates—are represented in the graphic below.

How SSL certificates are verified?

SSL is powered by a set of programs and encryption/decryption routines installed on the webserver machine and browser.

The following information is contained in an SSL certificate.

The website owner’s identity is the subject.
A public and a private key are used to verify the validity of the information.

The private and public keys are two cryptographic keys that are inextricably linked (numbers). A private key is required to decrypt anything encrypted by a public key.

When a secure connection between the server and the client cannot be formed due to the certificate, the following SSL certificate error will appear.

Types of SSL Certificate Error

Let’s say you make an HTTPS request into your browser and get a notice like “This connection is Untrusted” or “The site’s security certificate is not trusted,” depending on your browser. The problem is then classified as an SSL certificate error.

If the browser is unable to create a secure connection with the requested certificate, an “Untrusted Connection” exception will be thrown and the user will be prompted to take appropriate action.

The kind of certificate errors you’re likely to receive in different browsers look something like this.

This connection is untrusted in Firefox.
This site’s security is not reliable, according to Google Chrome.
This website’s security certificate was not trusted by a trusted certificate authority in Internet Explorer (IE) (CA)

How to handle SSL Certificate Error using Selenium Webdriver?

Using Selenium Webdriver, how to handle SSL Certificate Error

If we’ve developed some test scripts and run them, and we encounter the “Untrusted Connection” case described above, how do we handle the exception only by automation?

In this scenario, we must modify our script so that it will handle the SSL Exception on its own.

The scripts must be changed depending on the browser instance we’re using. When desired capabilities enter the scene, this is what happens.

Selenium Webdriver’s driver instance is configured using Desired Capabilities. All driver instances, such as ChromeDriver, FirefoxDriver, and Internet Explorer, can be configured using Desired Capabilities.

We don’t have a precise URL to generate the aforementioned scenario yet, but I’ve included procedures that we can add to the Selenium Script to handle the “Untrusted Connection” condition.

SSL Certificate Error Handling in Firefox

To handle an SSL certificate problem in Firefox, we’ll need to leverage Selenium Webdriver’s desired capabilities and follow the steps below.

Step 1: First, make a new Firefox profile called “myProfile.” You can look up “How to build” a firefox profile on Google. It’s simple and straightforward.

Step 2): Create the FirefoxProfile object by accessing myProfile in the script as shown below.

Step 3): In the Fire Fox profile, set”setAcceptUntrustedCertificates” and “setAssumeUntrustedCertificateIssuer” values.

Step 4): In the Firefox driver object, utilize the Firefox profile.

SSL Certificate Error Handling in Chrome

We’ll need to employ Selenium Webdriver’s required capabilities to handle SSL errors in Chrome. The following code will allow Chrome to accept all SSL certificates, and the user will not see any SSL certificate-related errors as a result of using it.

As seen below, we must construct an instance of the DesiredCapabilities class:-

SSL Certificate Error Handling in IE

In contrast to Chrome and Firefox, you may need to use javascript to manage SSL certificates in Internet Explorer.

In Internet Explorer, you have two options for dealing with SSL certificates:

1.You will then click the link “Continue to this website (not advised)” in this section. We’ll look at how to deal with SSL errors in Internet Explorer in the next section.

In the IE browser, look for the “Continue to this website (not recommended)” link. This link contains the ID “override link,” which you can see in HTML mode by pressing F12.

2.The second way is very similar to the code for Chrome SSL Handling.

The above code will assist you in dealing with an SSL certificate error in Internet Explorer.