Selenium 和 SSL 证书中的 Chromedriver

发布于 2024-11-25 20:31:59 字数 558 浏览 2 评论 0原文

我正在使用 Selenium 来测试一个具有 HTTP Auth 甚至 SSL 证书的网站。

作为 HTTP 基本身份验证的解决方法，我使用 ChromeDriver - http://code.google.com/ p/selenium/wiki/ChromeDriver 并以格式打开 URL

https://username:[email protected]

但现在出于安全原因，需要在 PC 上安装客户端证书才能登录该应用程序。

但是，ChromeDriver 看不到“选择证书”提示，我什至无法将其切换为警报。

有人解决这个问题了吗？

原文

I am using Selenium to test a web site which has HTTP Auth and now even SSL certificate.

As workaround for HTTP Basic Authentification I am using ChromeDriver - http://code.google.com/p/selenium/wiki/ChromeDriver and opening URLs in format

https://username:[email protected]

But now from security reasons, Client certificate needs to be installed on PC in order to log into that application.

However, ChromeDriver cannot see the "select certificate" prompt and I even cannot switch to it as Alert.

Did somebody solved this issue?

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

天煞孤星 2024-12-02 20:31:59

您可以通过添加包含以下内容的注册表密钥来告诉 Chrome 浏览器对特定 URL 使用特定客户端证书：

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\AutoSelectCertificateForUrls\1 = "{\"pattern\":\"https://www.example.com\",\"filter\":{\"ISSUER\":{\"CN\":\"cn of issuer\"}}}"

您可以通过在同一分支下添加其他密钥来添加其他条目。

在 Linux 上这有点复杂，因为您需要修改以下位置下 json 格式的首选项：

~/.config/chromium/Default/Preferences

看起来上述选项仅适用于加入 Active Directory 域的计算机。如果上述步骤不起作用，您可以尝试使用预配置的模板来引入可从以下网址下载的更改： https://www.chromium.org/administrators/policy-templates

You can tell the Chrome browser to use a specific client certificate for a particual URL by adding a registry KEY with the following content:

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\AutoSelectCertificateForUrls\1 = "{\"pattern\":\"https://www.example.com\",\"filter\":{\"ISSUER\":{\"CN\":\"cn of issuer\"}}}"

You may add additional entries by adding additional keys under the same branch.

It's a little more complex on Linux as you need to modify the preferences which are in json format under the following location:

~/.config/chromium/Default/Preferences

It looks like the above option only works for machines joined to an Active Directory domain. In case the above steps don't work You may try using a preconfigured template to introduce the changes available for download from the following url: https://www.chromium.org/administrators/policy-templates

回复收藏 0 原文

呆 2024-12-02 20:31:59

您可以使用 --ignore-certificate-errors 命令行开关告诉 Chrome 忽略不受信任的证书错误，而不是安装客户端证书。

为此，请创建 ChromeDriver 实例，如下所示：

DesiredCapabilities capabilities = DesiredCapabilities.chrome();
capabilities.setCapability("chrome.switches", Arrays.asList("--ignore-certificate-errors"));
driver = new ChromeDriver(capabilities);

Instead of installing the Client Certificate you could just tell Chrome to ignore the untrusted certificate error using the --ignore-certificate-errors command line switch.

To do this, create your instance of ChromeDriver as follows:

DesiredCapabilities capabilities = DesiredCapabilities.chrome();
capabilities.setCapability("chrome.switches", Arrays.asList("--ignore-certificate-errors"));
driver = new ChromeDriver(capabilities);

回复收藏 0 原文

烟燃烟灭 2024-12-02 20:31:59

我用下面的代码解决了这个问题

DesiredCapabilities cap = DesiredCapabilities.chrome();
ImmutableMap<String, String> commandLineArguments = ImmutableMap.<String, 
String>builder()
    .put("web-security", "false")
    .put("ssl-protocol", "any")
    .put("ignore-ssl-errors", "true")
    .put("webdriver-loglevel", "DEBUG")
    .put("ssl-client-certificate-file", certificatePath)
    .put("ssl-client-key-passphrase", certificatePassword)
    .build();
String[] params = commandLineArguments.entrySet().stream()
    .map(e -> String.format("--%s=%s", e.getKey(), e.getValue()))
    .collect(Collectors.toList())
    .toArray(new String[0]);
cap.setCapability(PhantomJSDriverService.PHANTOMJS_CLI_ARGS, params);
cap.setCapability(ChromeOptions.CAPABILITY, options);
WebDriver driver = new PhantomJSDriver(cap);
driver.get(Url);

，但我必须使用下面的命令将我的 pfx 证书转换为 pem

openssl pkcs12 -in client_ssl_cert.pfx -out client_ssl_cert.pem -clcerts

I solved this issue with below code

DesiredCapabilities cap = DesiredCapabilities.chrome();
ImmutableMap<String, String> commandLineArguments = ImmutableMap.<String, 
String>builder()
    .put("web-security", "false")
    .put("ssl-protocol", "any")
    .put("ignore-ssl-errors", "true")
    .put("webdriver-loglevel", "DEBUG")
    .put("ssl-client-certificate-file", certificatePath)
    .put("ssl-client-key-passphrase", certificatePassword)
    .build();
String[] params = commandLineArguments.entrySet().stream()
    .map(e -> String.format("--%s=%s", e.getKey(), e.getValue()))
    .collect(Collectors.toList())
    .toArray(new String[0]);
cap.setCapability(PhantomJSDriverService.PHANTOMJS_CLI_ARGS, params);
cap.setCapability(ChromeOptions.CAPABILITY, options);
WebDriver driver = new PhantomJSDriver(cap);
driver.get(Url);

But I had to convert my pfx certificate to pem using below command

openssl pkcs12 -in client_ssl_cert.pfx -out client_ssl_cert.pem -clcerts

回复收藏 0 原文

单身狗的梦 2024-12-02 20:31:59

为了以 Manvi 的答案为基础，我无法使用 PEM 证书或 PFX 证书使其工作，因此我必须使用 openssl 从我的 PFX 文件中手动提取证书和密钥

提取证书

openssl pkcs12 -clcerts -nokeys -in "SourceFile.PFX" -out certificate.crt -password pass:"MyPassword" -passin pass:"MyPassword"

提取密钥

openssl pkcs12 -nocerts -in "SourceFile.PFX" -out private.key -password pass:"MyPassword" -passin pass:"MyPassword" -passout pass:TemporaryPassword

代码

File path=new File(phantomJSBinaryFile);
System.setProperty("phantomjs.binary.path",path.getAbsolutePath());

ChromeOptions cap =new ChromeOptions();
ImmutableMap<String, String> commandLineArguments = ImmutableMap.<String, 
String>builder()
    .put("web-security", "false")
    .put("ssl-protocol", "any")
    .put("ignore-ssl-errors", "true")
    .put("webdriver-loglevel", "INFO")
    .put("ssl-client-certificate-file", certificatePath) //certificate.cer
    .put("ssl-client-key-file", keyPath) //private.key
    .put("ssl-client-key-passphrase", pwd)
    .build();

String[] params = commandLineArguments.entrySet().stream()
    .map(e -> String.format("--%s=%s", e.getKey(), e.getValue()))
    .collect(Collectors.toList())
    .toArray(new String[0]);

cap.setCapability(PhantomJSDriverService.PHANTOMJS_CLI_ARGS, params);
//cap.setCapability(ChromeOptions.CAPABILITY, options);

WebDriver driver = new PhantomJSDriver(cap);
driver.get(url);
System.out.println(driver.getTitle());

To build upon Manvi's answer, I could not get it working using a PEM certificate nor a PFX certificate, so I had to manually extract the certificate and key from my PFX file using openssl

Extract the certificate

openssl pkcs12 -clcerts -nokeys -in "SourceFile.PFX" -out certificate.crt -password pass:"MyPassword" -passin pass:"MyPassword"

Extract the key

openssl pkcs12 -nocerts -in "SourceFile.PFX" -out private.key -password pass:"MyPassword" -passin pass:"MyPassword" -passout pass:TemporaryPassword

Code

File path=new File(phantomJSBinaryFile);
System.setProperty("phantomjs.binary.path",path.getAbsolutePath());

ChromeOptions cap =new ChromeOptions();
ImmutableMap<String, String> commandLineArguments = ImmutableMap.<String, 
String>builder()
    .put("web-security", "false")
    .put("ssl-protocol", "any")
    .put("ignore-ssl-errors", "true")
    .put("webdriver-loglevel", "INFO")
    .put("ssl-client-certificate-file", certificatePath) //certificate.cer
    .put("ssl-client-key-file", keyPath) //private.key
    .put("ssl-client-key-passphrase", pwd)
    .build();

String[] params = commandLineArguments.entrySet().stream()
    .map(e -> String.format("--%s=%s", e.getKey(), e.getValue()))
    .collect(Collectors.toList())
    .toArray(new String[0]);

cap.setCapability(PhantomJSDriverService.PHANTOMJS_CLI_ARGS, params);
//cap.setCapability(ChromeOptions.CAPABILITY, options);

WebDriver driver = new PhantomJSDriver(cap);
driver.get(url);
System.out.println(driver.getTitle());

回复收藏 0 原文

~没有更多了~