A common problem many Selenium users run into is the untrusted connection warning.
This happens when an SSL certificate is unsigned, self-signed, or doesn’t match the domain name, a common scenario in test environments. In Firefox it used to be a popup modal dialog that needed dismissed by clicking “ok” or “so what” or something along those lines. More recent versions of Firefox (I have 3.5.8) bring up an intermediate page that says “This Connection is Untrusted” and looks like this:
What should you do?
- Click “I Understand the Risks”
- Click “Add Exception”
- Click “Get Certificate”
- Make sure “Permanently store this exception” is checked (it is by default)
- Click “Confirm Security Exception”
There, now don’t you feel safer for all that clicking.
Earlier releases of Firefox 3.5 had a bug that it wouldn’t “permanently” store the SSL Certificate, and there was even a plugin created to fix that.
Well, that’s all fine a dandy, but unless you want to click through that manually every time you run tests in Selenium, you’ve got a problem. See, it’s not an actual page, which means there’s no DOM for javascript to access, so you can’t use selenium to click through it. And selenium starts fresh with a new profile every time.
But that’s only by default. You can tell Selenium to use an existing profile as a template by passing the -firefoxProfileTempate flag like this:
java -jar selenium-server.jar -firefoxProfileTemplate "c:\Documents and Settings\Aaron Evans\Application Data\Mozilla\Firefox\Profiles\5rdxety0.default"
If you’ve already dismissed the dire warnings manually with your existing profile, now Selenium will sail right through. But only if you use Firefox. I’ll tell you how to get past this problem with IE, Opera, Chrome, and Safari another day.
But first, let’s create a custom profile that doesn’t have all the junk you’ve loaded into Firefox (like vimperator and firebug) to make it run a bit quicker and cleaner.
- Close all your firefox windows down (don’t forget the quick launch if you have that)
- Launch firefox from the command line with
firefox.exe -ProfileManager -no-remote
- Click “Create Profile”
- Click “Next” on the Create Profile Wizard” nonsense popup
- Create a name for your new profile — I think “Selenium” is pretty descriptive
- Click “Choose Folder”
- Pick something easy to find — like “C:\selenium\firefox_profile”
- Click Finish
Now click through and accept all the SSL certificates on the site you need to run Selenium tests on, repeating the process described above.
Finally, launch selenium-server and specify the profile you just created:
java -jar selenium-server.jar -firefoxProfileTemplate c:\selenium\firefox_profile
You can do a bunch of other cool stuff with your firefox profile for selenium, but we’ll talk about that later. I’m eager to hear what others have done as well.
One thing I’d like to figure out is how to get rid of that update manager popup that shows up every time I run tests (but doesn’t interfere with them.)
Fijiaaron 
Thanks to Adam Goucher for telling me about editing prefs.js (or use about:config to do it for you)
user_pref(“extensions.update.enabled”, false);
— but that doesn’t seem to keep
Would you tell me if I’m missing something. I did the following:
1. created the profile as described above
2. started the rc with the firefox_profile with no errors.
3. executed the firefox test
Odd things:
1. the Add-on popup comes up with firefox
2. the test fails with the following java error
C:\Program Files\Mozilla Firefox>java -jar “C:\xampp\htdocs\app\webroot\testscri
pts\OAA Smoke Test\jar\7.jar” 127.0.0.1 80 *firefox http://home:8080/ 12749876509407345 78
May 28, 2010 11:15:42 AM bromine.brunit.Database getLogin
SEVERE: null
java.io.FileNotFoundException: ..\config\database.php (The system cannot find th
e path specified)
at java.io.FileInputStream.open(Native Method)
at java.io.FileInputStream.(Unknown Source)
at java.io.FileInputStream.(Unknown Source)
at bromine.brunit.Database.getLogin(Database.java:59)
at bromine.brunit.Database.(Database.java:39)
at bromine.brunit.BRUnit.setUp(BRUnit.java:44)
at TestNew.main(TestNew.java:46)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.eclipse.jdt.internal.jarinjarloader.JarRsrcLoader.main(JarRsrcLoa
der.java:56)
May 28, 2010 11:15:42 AM bromine.brunit.Database
SEVERE: null
java.sql.SQLException: The url cannot be null
at java.sql.DriverManager.getConnection(Unknown Source)
at java.sql.DriverManager.getConnection(Unknown Source)
at bromine.brunit.Database.(Database.java:41)
at bromine.brunit.BRUnit.setUp(BRUnit.java:44)
at TestNew.main(TestNew.java:46)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.eclipse.jdt.internal.jarinjarloader.JarRsrcLoader.main(JarRsrcLoa
der.java:56)
java.lang.NullPointerException
at bromine.brunit.Database.sqlExecute(Database.java:128)
at bromine.brunit.BRUnit.customCommand(BRUnit.java:211)
at TestNew.main(TestNew.java:53)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.eclipse.jdt.internal.jarinjarloader.JarRsrcLoader.main(JarRsrcLoa
der.java:56)
C:\Program Files\Mozilla Firefox>java -version
java version “1.6.0_20”
Java(TM) SE Runtime Environment (build 1.6.0_20-b02)
Java HotSpot(TM) Client VM (build 16.3-b01, mixed mode, sharing)
Frank-
I can’t help you with the error message other than guessing it has something to do with Bromine.
It looks like the add-on popup is an annoyance we’ll have to live with for now. It shouldn’t have any effect on the test execution.
Thanks very much for this solution. was working on it for ages. thanks again.
This has got me over a tough problem. Thanks!
Would you know how to do the same for IE?
Thanks
Ant
I don’t, since there’s no equivalent to a firefox profile template. It may be that manually accepting the certs in IE will work if your IE settings are the same when launched by selenium. You might need to mess with your security settings in IE as well. IEHTA might have other issues.
I am working on https:/ site and getting the following pop-up in IE versions and I am not able to run my script.
” This page is accessing information that is not under its control. This poses a security risk. Do you want to continue?”
Can you please elaborate the problem, I have done most of the settings for IE browser.
Jaideep-
This sounds unrelated to the SSL certificate issue, and might be a cross-site scripting warning. I haven’t seen it before.
Or it could be a version of the “This page contains secure and unsecure items” message which is usually an indication that it’s accessing static content (images, js, css, etc.) that is not HTTPs.
“Do you want to view only the webpage content that was delivered securely? This webpage contains content that will not be delivered using a secure HTTPS connections. which could compromise the security of the entire webpage.”
What versions of IE and Selenium are you running?
Do you have an example that I can try to duplicate?
Does this page reproduce the problem?
https://one-shore.com/secure-page-with-insecure-content.html
A couple of command line options to starting selenium server you might try are:
-trustAllSSLCertificates
-proxyInjectionMode
Unfortunately, selenium can’t access dialogs like that in IE the way it can to dismiss javascript alerts, prompts, and confirmations. I’m not sure, but webdriver (and Selenium 2 — just released!) might be able to do that.
I implemented your workaround, but the selenium server cannot launch a browser anymore.
It works fine with the default profile (but reports Untrusted Connection).
Below is the exception.
Any ideas how I can solve this?
08:57:07.427 ERROR – Failed to start new browser session, shutdown browser and clear all session data
java.lang.ClassCastException: java.io.File cannot be cast to java.lang.String
at org.openqa.selenium.server.browserlaunchers.BrowserOptions.getFile(Br
owserOptions.java:123)
at org.openqa.selenium.server.browserlaunchers.FirefoxChromeLauncher.ini
tProfileTemplate(FirefoxChromeLauncher.java:164)
at org.openqa.selenium.server.browserlaunchers.FirefoxChromeLauncher.mak
eCustomProfile(FirefoxChromeLauncher.java:215)
at org.openqa.selenium.server.browserlaunchers.FirefoxChromeLauncher.lau
nch(FirefoxChromeLauncher.java:83)
at org.openqa.selenium.server.browserlaunchers.FirefoxChromeLauncher.lau
nchRemoteSession(FirefoxChromeLauncher.java:413)
at org.openqa.selenium.server.browserlaunchers.FirefoxLauncher.launchRem
oteSession(FirefoxLauncher.java:110)
at org.openqa.selenium.server.BrowserSessionFactory.createNewRemoteSessi
on(BrowserSessionFactory.java:373)
at org.openqa.selenium.server.BrowserSessionFactory.getNewBrowserSession
(BrowserSessionFactory.java:125)
at org.openqa.selenium.server.BrowserSessionFactory.getNewBrowserSession
(BrowserSessionFactory.java:87)
at org.openqa.selenium.server.SeleniumDriverResourceHandler.getNewBrowse
rSession(SeleniumDriverResourceHandler.java:786)
at org.openqa.selenium.server.SeleniumDriverResourceHandler.doCommand(Se
leniumDriverResourceHandler.java:423)
at org.openqa.selenium.server.SeleniumDriverResourceHandler.handleComman
dRequest(SeleniumDriverResourceHandler.java:394)
at org.openqa.selenium.server.SeleniumDriverResourceHandler.handle(Selen
iumDriverResourceHandler.java:147)
at org.openqa.jetty.http.HttpContext.handle(HttpContext.java:1530)
at org.openqa.jetty.http.HttpContext.handle(HttpContext.java:1482)
at org.openqa.jetty.http.HttpServer.service(HttpServer.java:909)
at org.openqa.jetty.http.HttpConnection.service(HttpConnection.java:820)
at org.openqa.jetty.http.HttpConnection.handleNext(HttpConnection.java:9
86)
at org.openqa.jetty.http.HttpConnection.handle(HttpConnection.java:837)
at org.openqa.jetty.http.SocketListener.handleConnection(SocketListener.
java:243)
at org.openqa.jetty.util.ThreadedServer.handle(ThreadedServer.java:357)
at org.openqa.jetty.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
08:57:07.427 INFO – Got result: Failed to start new browser session: Error while
launching browser on session null
Maja-
I don’t know about this one, sorry. Can you start a different browser (i.e. IE)? Can you start Firefox without specifying a profile?
Hi,
Could you let me know how to handle this SSL issue in IE7.0. When i replay the test steps in Selenium RC through eclipse in IE7.0, I’m getting the SSL error.
Any help will be highly appreciated.
Regards,
Venkatesh
Can you give me some more details?
IE has a way to accept untrusted certificates, but be because there are not profiles, and Selenium doesn’t have the capability to select a profile, this solution won’t affect IE7. If you’re still having trouble after manually accepting the certificate in IE, running “*iehta”, and lowering your security level, let me know and I’ll investigate further.
Hi Fiji,
Thanks for your quick reply. I will follow as you suggested and let you know.
Hi Fiji,
Thanks for your much help. It working fine now after changing the run mode to *iehta.
Thanks very much.
Hi Fiji,
Greetings. I found your site very informative.
Currently I am doing a POC using WebDrive to automate our web applicaiton. I have a situation here, during login I am getting Untrusted Connection popup thing. I googled/searched a lot but could not find a solution. I tried in Selenium using your approach and able to go through the page (Still getting a popup ‘Secure Connection Failed’ which I am cancelling manually). Do you have any solution for WebDrive?
Appreciate your time and help.
Thanks & Regards
Madan
Madan-
I don’t have a solution in Webdriver, but Selenium 2 (beta released) uses webdriver under the hood.
It sounds to me like the “secure connection failed” may be a symptom of a network error where the browser fails to connect to the secure server.
See this post from mozilla support about what it means in firefox.
Hey —
Hope all is well in Fiji !! In the old days (before kids) we used to do some diving in cayman … our diving pals spent some time in Fiji – very beatiful we heard …
back to work :-)
I’m working with selenium WebDriver and trying to cure the SSL certificate issue. Your article demonstates how to create a custom firefix profile that is used with Firefox …
Now I am trying to implement the code below – You see below that it is requesting my ‘custom firefox profile name’ … This is java code that is part of my test case. I am working on Ubuntu … how do I create a custom firefox profile using firefox on ubuntu?
The bin is here
/usr/lib/firefox-3.6.23$/
Other question would be – what is ‘custom firefox profile name’ – would this be a folder name as it seems to be on windows ??
ProfilesIni allProfiles = new ProfilesIni();
System.setProperty(“webdriver.firefox.profile”,”your custom firefox profile name”);
String browserProfile = System.getProperty(“webdriver.firefox.profile”);
FirefoxProfile profile = allProfiles.getProfile(browserProfile);
profile.setAcceptUntrustedCertificates(true);
webdriver = new FirefoxDriver(profile);
Any tips are appreciated.
Thanks
Ciao
Chris
—
Chris Macgowan
Cotheniusstr. 1
10407 Berlin
Germany
t: +49 30 695 4000 4
m: +49 0170 642 7608
chris@macgowan.com
http://www.macgowan.com
http://www.mfilm.com
I’m actually in Seattle these days, but moving to Ecuador in January.
“your custom firefox profile name” is either the name of the profile (you can see the names in the Firefox Profile Manager — the default profile is called “default”
I’m not actually sure how to get webdriver using the firefox profile myself. I’ve seen SSL problems myself and have another friend who’s been asking about it. I’ll check it out.
Hi
You said ” I’ll tell you how to get past this problem with IE, Opera, Chrome, and Safari another day.”, I was just wondering if you had done this as I would love to know how to do it with Opera.
hi, Even after following ur above steps I am getting this error,Can you please let me know what can be wrong? any help is much appreciated
HTTP ERROR: 400
Could not proxy https://XXXX:7002/console
java.lang.RuntimeException: Couldn’t establish SSL handshake. Try using trustAllSSLCertificates.
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
RequestURI=/console
Powered by Jetty://
HI FIJI,
great suggestion by you, but my request i am working on Opera browser i am getting that SSL certificate error while launching the Browser through Selenium RC, could you please suggest me the way to get out of it.
your help is highly appreciated.
I am using selenium 2.28.0 rc server.
I am using comodo dragon as my browser.
I am using java to launch selenium.
I am sharing code snippet i am using
RemoteControlConfiguration rcc = new RemoteControlConfiguration ();
rcc.setTrustAllSSLCertificates(true);
seleniumServer = new SeleniumServer(rcc);
seleniumServer.start();
String comodoPath = “*googlechrome C:/Users/”+ System.getProperty(“user.name”)+ “/AppData/Local/Comodo_Dragon/dragon.exe”;
selenium = new DefaultSelenium(
“localhost”,
4444,
comodoPath,
“myTargetDomain”);
selenium.start();
selenium.setSpeed(“5000”);
selenium.open(“myTargetAppcontext”);
selenium.windowMaximize();
I have also installed cybervillainsCA.cer in trusted root certification authority from comodo dragon browser.
I alos tried same on firefox with *firefox mode, but getting same error
I am badly stuck at this stage. Any help or pointer would be of great help.
kindly let me know what i am missing .
I want to run selenium tests on secured site.
But i am getting exception while trying to open the target url :
Could not proxy https://
java.lang.RuntimeException: Couldn’t establish SSL handshake. Try using trustAllSSLCertificates.
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
I am using selenium 2.28.0 rc server.
I am using comodo dragon as my browser.
I am using java to launch selenium.
I am sharing code snippet i am using
RemoteControlConfiguration rcc = new RemoteControlConfiguration ();
rcc.setTrustAllSSLCertificates(true);
seleniumServer = new SeleniumServer(rcc);
seleniumServer.start();
String comodoPath = “*googlechrome C:/Users/”+ System.getProperty(“user.name”)+ “/AppData/Local/Comodo_Dragon/dragon.exe”;
selenium = new DefaultSelenium(
“localhost”,
4444,
comodoPath,
“myTargetDomain”);
selenium.start();
selenium.setSpeed(“5000″);
selenium.open(“myTargetAppcontext”);
selenium.windowMaximize();
I have also installed cybervillainsCA.cer in trusted root certification authority from comodo dragon browser.
I alos tried same on firefox with *firefox mode, but getting same error
I am badly stuck at this stage. Any help or pointer would be of great help.
kindly let me know what i am missing .
Hey thanks buddy,
It solved my certificate issue.