Handling Untrusted SSL certificates in Firefox/Chrome/IE browser

Handling Untrusted SSL certificates in Firefox/Chrome/IE browser:

WHAT IS SSL CERTIFICATE ?

SSL is used to keep sensitive information which is sent across the Internet encrypted so that only the intended recipient understand it. This is important because, the information that we send on the internet is passed from one system to other system to the destination server.

If it is not encrypted with an SSL certificate, any computer in between you and the destination server can see your private information such as credit card numbers, usernames, passwords and other sensitive information.

When an SSL certificate is used, the information will be encrypted and it will ensure that you are sending information to the right server and not to a criminal’s server.

WHEN DO WE GET UNTRUSTED CONNECTION ERROR

When ever you try to visit a website whose web address starts with https, your communication with this site is encrypted to ensure your privacy. Before starting the encrypted communication the website, you will be presented with a "certificate" to identify itself.

The certificate helps to determine whether the site you are visiting is actually the site that it claims to be. If there is any problem with the certificate, you will see an alert saying 'This Connection Is Untrusted'. What it means is that browser (Firefox/Chrome etc) isn't able to verify the identity of the website, there can be several problems which can cause browser to reject a certificate.

The below are the common errors that we see :

1. Certificate will not be valid until (date)

Error code: sec_error_expired_issuer_certificate
This error can occur if our system clock has the wrong date, check error message which will be in the past. We can fix this problem, by setting system clock to current date.

2. Certificate expired on (date)

Error code: sec_error_expired_certificate
This error occurs when a website identity certification has expired. This can also occur if system clock has the wrong date. We can fix this problem, by setting system clock to current date.

3. Certificate is only valid for (site name)

Error code: ssl_error_bad_cert_domain
This error says that the identification sent to you by the site is actually for another site. While anything you send would be safe from eavesdroppers , the recipient may not be the same who you think it is.
The above listed errors are the common errors, you may come across other errors which actually depends on the websites that you access.
Now Let us see how to handle SSL Untrusted Connection and Accept with Selenium webdriver.

 Let me try to do with Firefox browser first and then we will go with other browsers.
We will create new firefox profile and set 'setAcceptUntrustedCertificates' as true and setAssumeUntrustedCertificateIssuer as false.

                        //Creating new Firefox profile

                        FirefoxProfile profile = new FirefoxProfile();

                        profile.setAcceptUntrustedCertificates(true);

                        profile.setAssumeUntrustedCertificateIssuer(false);

                        driver = new FirefoxDriver(profile);

           

Handle untrusted certificate in Chrome:

// Create object of DesiredCapabilities class

DesiredCapabilities cap=DesiredCapabilities.chrome();

// Set ACCEPT_SSL_CERTS  variable to true

cap.setCapability(CapabilityType.ACCEPT_SSL_CERTS, true);

// Set the driver path

System.setProperty("webdriver.chrome.driver","Chrome driver path");

// Open browser with capability

WebDriver driver=new ChromeDriver(cap);

Handle untrusted certificate in IE:

To handle SSL certificate in IE, you can handle this situation in two ways,

// Create object of DesiredCapabilities class

DesiredCapabilities cap=DesiredCapabilities.internetExplorer();

// Set ACCEPT_SSL_CERTS  variable to true

cap.setCapability(CapabilityType.ACCEPT_SSL_CERTS, true);

// Set the driver path

System.setProperty("webdriver.ie.driver","IE driver path");

// Open browser with capability

WebDriver driver=newInternetExplorerDriver(cap);

Unlike handling SSL certificates in firefox and chrome browser are different when it comes to IE. In IE browser, we may have to handle it using javascript like like below :

System.setProperty("webdriver.ie.driver", "D:/IEDriverServer.exe");

driver = new InternetExplorerDriver();

driver.manage().window().maximize();

driver.get("https://cacert.org/");

driver.get("javascript:document.getElementById('overridelink').click();");