Handling of SSL Certificates in Selenium WebDriver
What is an SSL Certificate?
SSL (Secure Sockets Layer) is a security protocol to establish a secure connection between the server and the client called the browser. An SSL certificate creates security through which usernames, passwords, credit card numbers information can pass safely. SSL Certificates validate the identity of the websites and encrypt the visitors send to, or receive from information from your site. This keeps hackers from spying on any exchange of information between you and your visitors.
What is an untrusted certificate?
When users try to open a site that has the security certificate installed, then the certificate will help the user to determine whether the website you are opened is the site that it claims to be. The user will get an alert message if there is any problem with the certificate saying ‘This Connection is Untrusted’.
Benefits of SSL Certificate
- One can easily increase their users’ and customers’ trust by enhancing business growth rapidly.
- An SSL certificate creates a secure online transactions and customers information like usernames, passwords, credit card numbers, debit card information.
- Keep hackers from spying the information.
- Boosts in ranking and increase brand value. In Google website gets better ranking if it is SSL Certificates is valid.
- Secure payments to experience safe shopping.
SSL-Certificate websites start with https:// where you can see a lock icon or green address bar if the connection is secure.
For example, through net banking, if you want to do some transaction or want to purchase any item through e-commerce sites such as Myntra or Amazon.
What happens between the Web Browser and the Server?
- The browser will request the webserver to identify by itself and it tries to connect with a website secured with SSL.
- To the browser, the server will send a copy of its SSL certificate.
- The browser will verify whether the SSL certificates is valid. If yes, it will send a message to the server
- To start an SSL encrypted session the server will send back a digitally signed acknowledgment and between the server and the browser, the encrypted data is shared.
In doing so, you need to send out sensitive information such as credit or debit card details or login credentials and that has to send out securely so that it cannot be hacked by hackers.
For Example
- Type https://www.amazon.com/
- Click Enter.
- You will see an address bar in the browser as below:-
Types of SSL Certificates
Using the SSL Certificate mechanism the browser and server can establish a secure connection. This connection havs three types of certificates.
- Root
- Intermediate
- Server Certificate
Process of getting an SSL Certificate
The process of getting an SSL certificate follow below steps:-
- First, you need to create a CSR (Certificate Signing Request) request.
- CSR request will create a CSR data file, which is sent to the SSL certificate issue i.e CA (Certificate Authority).
- The Certificate Authority will use the CSR data files to create an SSL certificate for your server.
- You have to install it on your server once after receiving the SSL certificate.
- You also need to install an intermediate certificate which ties your SSL certificate with CA’s root certificate.
Types of SSL Certificate Errors
Suppose in the web-browser you type some website URL request and get a message as “This connection is Untrusted” or the “The site’s security certificate is not trusted” based on the browser you are using. Then such error leads to an SSL certificate error.
Now, with the requested certificate if the browser is unable to establish a connection, then the browser will throw an “Untrusted Connection” exception.
The certificate errors you see in different browsers are
- Firefox – This connection is untrusted
- Google Chrome -This site security is not trusted
- Internet Explorer ( IE) – This security certificate presented by this website was not trusted by a trusted certificate authority (CA)
How to Handle SSL Certificate Error in Firefox browser?
In the Firefox browser sometimes we get the SSL certificate error because the firefox profile doesn’t have the certificate, so to overcome this issue, we manually create a Firefox profile, and we use the same profile with our selenium webdriver. We follow the below steps to resolve this:
- Create a firefox Profile
- Now we need to set the setAcceptUntrustedCertificates() method to true and in the Firefox profile set the method setAssumeUntrustedCertificateIssuer() to false
Selenium Automation Script for Firefox:
import org.openqa.selenium.WebDriver;
import org.openqa.selenium.firefox.FirefoxDriver;
import org.openqa.selenium.firefox.FirefoxProfile;
public class SSLCertificateHandleFirefox
{
public static void main(String[] args)
{
//Creation of firefox profile
FirefoxProfile profile=new FirefoxProfile();
// It set the value to true
profile.setAcceptUntrustedCertificates(true);
// It will open the firefox browser through above created profile
WebDriver driver=new FirefoxDriver(profile);
driver.get("pass the URL of the browser");
}
}
Handling of SSL Certificate Error in Chrome & IE browser?
With the help of a firefox profile in the Firefox browser, we handle SSL certificate errors, but for the chrome & IE browser, to get and accept the SSL certificate error on run time we take the help of desired capabilities.
How to Test an SSL Certificate?
We are going to learn how we can handle the SSL Security Certificate error for different browsers like Chrome Browser, IE Browser, and Firefox Browser.
Steps for Chrome Browser:
- For Desiredcpabilities class create the object
- Set the ACCEPT_SSL_CERTS as true
- With the capability open the chrome browser
// Create the object of DesiredCapabilities class using chrome
DesiredCapabilities capability=DesiredCapabilities.chrome();
// Set ACCEPT_SSL_CERTS variable to true
capability.setCapability(CapabilityType.ACCEPT_SSL_CERTS, true);
// Set the chrome driver path
System.setProperty("webdriver.chrome.driver","Path of the Chrome driver");
System.setProperty("webdriver.chrome.driver", "C:\\Users\\chromedriver_win32\\chromedriver.exe");
// Open the browser
WebDriver driver=new ChromeDriver(capability);
driver.manage().timeouts().implicitlyWait(10, TimeUnit.SECONDS);
//Enter the site URL where you are facing SSL error.
driver.get("Enter site URL");
Steps for IE Browser:
We follow the same process as we follow for the Chrome browser in the IE browser to handle the certificate issue.
// Create object of DesiredCapabilities class for IE browser
DesiredCapabilities capabilities=DesiredCapabilities.internetExplorer();
// Set ACCEPT_SSL_CERTS variable to true
capabilities.setCapability(CapabilityType.ACCEPT_SSL_CERTS, true);
// Set the driver path
System.setProperty("webdriver.ie.driver","Path of the IE driver ");
System.setProperty("webdriver.chrome.driver", "C:\\Users\iedriver_win32\\internetexplorerdriver.exe");
// Open browser with capability
WebDriver driver=newInternetExplorerDriver(capabilities);
driver.manage().timeouts().implicitlyWait(10, TimeUnit.SECONDS);
//Enter the site URL where you are facing SSL error.
driver.get("Enter site URL");
Conclusion:
- SSL (Secure Sockets Layer) is a standard security protocol will establish a secure connection between the client and the server
- To establish a secure connection the browser and the server use the SSL Certificate mechanism.
- SSL certificate error will occur when a secure connection is not established between the client and the server.
