Saturday, February 25, 2012

Selenium 2 (WebDriver), Firefox Profiles, and Invalid Certificates

 (Last update on March 25, 2012)

When use Selenium 2 (WebDriver) and Firefox to automate web testing, one may need to select a Firefox profile for the test runs.  There are two ways to do it with the Java API for Selenium 2. One way is:

System.setProperty(“webdriver.firefox.profile”, profileName);
WebDriver webDriver = new FirefoxDriver();

Another way is:

ProfilesIni profilesIni = new ProfilesIni();
// Clone the named profile               
FirefoxProfile profile = profilesIni.getProfile(profileName);
WebDriver webDriver = new FirefoxDriver(profile);


Both of them do the same thing: starting Firefox with a clone of the specified profile. When the FirefoxDriver constructor is called without any argument, WebDriver will use the value of the webdriver.firefox.profile system property to identify the profile to clone. If a FirefoxProfile object is passed as an argument to the constructor, the webdriver.firefox.profile system property will simply be ignored. The second approach has its advantage as providing a reference to the FirefoxProfile object for further manipulation. 

In one case I need to manipulate the FirefoxProfile object to get my tests working. The site that I was testing used an invalid site certificate. I manually accessed the site with Firefox. When Firefox complained about the invalid site certificate, I told Firefox to accept it. After that, Firefox did not mention anything about the site certificate when I manually browsed the site. At that point, when I clicked the Site Identity Button of Firefox, I saw the dialog box like in Figure 1. (Identity of the site being tested is removed from the figures in this article)

Figure 1




However, when Firefox was started by WebDriver, it kept showing error message like “Secure Connection Failed” … so and so “uses an invalid security certificate” … “The certificate is only valid for “ … as in Figure 2.

Figure 2

The automated testing could not progress further. At that point, when I clicked the Site Identity Button, I saw the dialog box that reads “This website does not supply identify information. Your connection to this website is not encrypted.” as in Figure 3. There was no way at that point for me to tell Firefox to accept the certificate via Firefox's GUI.

Figure 3


Setting the AssumUntrustedCertificateIssuer of the FirefoxProfile object to false solved the problem, as illustrated in the code fragment below:

ProfilesIni profilesIni = new ProfilesIni();
// Clone the named profile               
FirefoxProfile profile = profilesIni.getProfile(profileName);
profile.setAssumeUntrustedCertificateIssuer(false);
WebDriver webDriver = new FirefoxDriver(profile);

In another case, the site that I was testing used a valid but self-signed certificate. As usual when I manually browse it with Firefox, Firefox warned me that "This Connection is Untrusted", like in Figure 4 below. I could click the "I Understand the Risks" link to pass it.

Figure 4

 However, when WebDriver started Firefox to browse the site, the same warning came out again. At this point when I click the Site Identity Button, I again saw the dialog box that reads “This website does not supply identify information. Your connection to this website is not encrypted.” as in Figure 3.

If one does not want the warning come out during test, one has to make  the AssumUntrustedCertificateIssuer of the FirefoxProfile object to be true. AssumUntrustedCertificateIssuer is true by default. One can either omit
  
profile.setAssumeUntrustedCertificateIssuer(false);

or change it to

profile.setAssumeUntrustedCertificateIssuer(true);

In short, if the certificate is valid but self-signed, we have to make AssumUntrustedCertificateIssuer true (which is the default); if the certificate is invalid, we have to make AssumUntrustedCertificateIssuer false.

By the way, to find which profile is really used when Firefox is running, do the following. From Firefox click Help -> Troubleshooting Information as shown in Figure 5 below.
Figure 5





On the new tab with the title "Troubleshooting Information", click the button "Open Containing Folder" as shown in Figure 5 below. It will open the base directory of the profile in use.

Figure 6

4 comments:

sharath said...
This comment has been removed by the author.
sharath said...

Thanks, useful article.
Set my code similar to:

FirefoxProfile profile = new FirefoxProfile();
profile.setAssumeUntrustedCertificateIssuer(false);
WebDriver driver = new FirefoxDriver(profile);

Hosting Safety said...

Thanks for sharing, it was very helpful for me.
Web Hosting India | Domain Name Registration India | Web Hosting Companies in India

Hosting Safety said...

Thnaks for sharing your information. Hostingsafety is also one of secured hosting services in Bangalore.
Click on our tags to know more.
Web Hosting India | Domain Name Registration India | Web Hosting Companies in India