Selenium and self-signed SSL Certificates in Firefox [java / linux]

AAAARRGGHHHHHH!!!!!!!!….. Finally, I’ve managed to solve my problem with self-signed certificates in FF and Selenium.

I think I spend three days trying various methods, following tutorials and ‘hacking’ through the selenium source code, etc.
Maybe it’d take someone much less time than me, but what’s done is done, and let’s get crackin’ 🙂

A. Follow Girlie’s tutorial to create customized Firefox profile with few changes:

  1. in step no. 7 – remember not to use spaces in forlder names
  2. skip steps no. 11 & 12
  3. [OPTIONAL STEP] Configure FF according to Girlie’s suggestions
  4. Once you’re done with creating custom profile, go to the HTTPS site which troubles you with an invalid security certificate. Use “Add exception” button to add security exception.
  5. Close FF

B. Go to your FF custom profile folder (see A.1)

  1. If you skipped step A.3, then remove all files and folders except: cert8.db, cert_override.txt, key3.db
  2. If you followed Girlie’s suggestions in step A.3, then you can remove all files and folders except:
    • cert8.db, cert_override.txt, content-prefs.sqlite, key3.db, localstore.rdf, permissions.sqlite, prefs.js, secmod.db, XPC.mfasl, xpti.dat, XUL.mfasl
    • More information about contents of FF profile folder at: http://kb.mozillazine.org/Profile_folder_-_Firefox

C. Open your selenium project and add some new code:

private static Selenium selenium = new DefaultSelenium(String serverHost, int serverPort, String browserStartCommand, String browserURL);
private static SeleniumServer seleniumServer;
seleniumServer = new SeleniumServer();


/* 
* And here are the DRAGONS!!
* Short description:
* start with preparing new RemoteControlConfiguration and profile location
* then, change some default settings
* start selenium server
* and finally pass new configuration to Selenium 
*/

RemoteControlConfiguration rcc = seleniumServer.getConfiguration();
File profileLocation = new File("/path/to/your/custom/FF/profile");
rcc.setProfilesLocation(profileLocation);
rcc.setFirefoxProfileTemplate(profileLocation);
rcc.setReuseBrowserSessions(true);
seleniumServer.start();
selenium.start(rcc);

Hope this this work also for you.
J

8 thoughts on “Selenium and self-signed SSL Certificates in Firefox [java / linux]

  1. Great instructions! It worked for awhile but after doing some other things, it stopped working again. I restored all the profile files to their original state and still it doesn’t work. Have you experienced something similar?

  2. Nice post.

    But I am still having the issue, even after creating a profile and doing the Exception setting. I am adding the URL in the exception list.

    Still I get the

    This Connection is Untrusted

    You have asked Firefox to connect
    securely to someUrl:9444, but we can’t confirm that your connection is secure.
    Normally, when you try to connect securely,
    sites will present trusted identification to prove that you are
    going to the right place. However, this site’s identity can’t be verified.

    What Should I Do?

    If you usually connect to
    this site without problems, this error could mean that someone is
    trying to impersonate the site, and you shouldn’t continue.

    Technical Details

    I Understand the Risks

    error.

    Please could you suggest me, what might be wrong.

    I am not creating any RemoteControlConfiguration object though.

    I am runnnig the server command as :

    java -jar selenium-server-standalone-2.8.0.jar -firefoxProfileTemplate D:\Selenium\profiles

    My profile is saved at D:\Selenium\profiles folder.

    • As far as I remember, even if you create a custom FF profile and then try to run Selenium with -firefoxProfileTemplate param, then somehow it will still create and use a tmp default profile. I’ve tried selecting custom profile as default one, but it didn’t help.
      That’s why I wrote this code to overcome that problem.

      It might be fixed in latest builds, see if there’s anything in the changelogs.

  3. more details for someone who are not using rc for selenium server.

    rcc.setReuseBrowserSessions(true);

    i was digging this line. and it turns up this page.

    https://wiki.mozilla.org/Session_Restore

    before start selenium server. configure your profile with these configuration.

    could be done two ways.

    1. by disable all security warnings.

    security.default_personal_cert string Select Automatically
    security.warn_entering_weak boolean false
    security.warn_entering_weak.show_once boolean false
    security.warn_viewing_mixed boolean false
    security.warn_viewing_mixed.show_once boolean false
    browser.sessionstore.enabled boolean true

    2. by adding your https websites in trusted websites.

    http://www-archive.mozilla.org/projects/security/components/ConfigPolicy.html

    capability.policy.policynames string trustable
    capability.policy.trustable.sites string https://yoursite.com
    capability.policy.trustable.Window.open string sameOrigin

    I didn’t try any of them myself. but it would work. correct me if I am wrong.

  4. hi,
    Technical Details

    I Understand the Risks

    error.

    Please could you suggest me, what might be wrong.

    I am not creating any RemoteControlConfiguration object though.

    I am runnnig the server command as :

    java -jar selenium-server-standalone-2.8.0.jar -firefoxProfileTemplate C:\profiles

    My profile is saved at C:\profiles folder.

    • Hi,

      I’m sorry for such a late answer but I was away for quite a long time.
      Have you solved that issue? If not, then it might something with specifying the profile you actually want to use when instantiating new FirefoxDriver

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s