... your certificate content ... -----END CERTIFICATE-----"""
with tempfile.NamedTemporaryFile(mode='w', delete=False, suffix='.pem') as cert_file: cert_file.write(cert_content) cert_path = cert_file.name
chrome_options = Options() chrome_options.add_argument(f"--user-data-dir=/tmp/selenium-profile") chrome_options.add_argument(f"--ssl-client-certificate-file={cert_path}")
driver = webdriver.Chrome(options=chrome_options)
Clean up
os.unlink(cert_path) ```
Error Handling Best Practices
Detect SSL Errors
from selenium.common.exceptions import WebDriverException
import time
def navigate_with_ssl_retry(driver, url, max_retries=3):
for attempt in range(max_retries):
try:
driver.get(url)
return True
except WebDriverException as e:
if "ssl" in str(e).lower() or "certificate" in str(e).lower():
print(f"SSL error on attempt {attempt + 1}: {e}")
if attempt < max_retries - 1:
time.sleep(2)
continue
raise
return False
Verify Page Loaded Despite SSL Issues
from selenium.webdriver.support.ui import WebDriverWait
from selenium.webdriver.support import expected_conditions as EC
from selenium.webdriver.common.by import By
def wait_for_page_despite_ssl(driver, timeout=10):
try:
# Wait for any content to load
WebDriverWait(driver, timeout).until(
lambda d: d.execute_script("return document.readyState") == "complete"
)
return True
except:
# Check if SSL warning page is present
ssl_warning_selectors = [
"[id*='ssl']", "[class*='ssl']",
"[id*='certificate']", "[class*='certificate']",
"h1", "h2" # Common warning page elements
]
for selector in ssl_warning_selectors:
elements = driver.find_elements(By.CSS_SELECTOR, selector)
for element in elements:
if any(keyword in element.text.lower() for keyword in
['ssl', 'certificate', 'secure', 'warning', 'unsafe']):
print("SSL warning page detected")
return False
return True
Security Considerations
⚠️ Important Security Notes:
- Only use in test environments - Never disable SSL verification in production
- Limit scope - Only bypass SSL for specific test domains when possible
- Monitor certificates - Regularly check certificate validity in staging environments
- Document exceptions - Clearly document why SSL bypassing is necessary
- Use temporary profiles - Ensure SSL bypass settings don't persist
Environment-Specific Configuration
import os
def get_chrome_options(environment='test'):
options = Options()
if environment in ['test', 'staging']:
# Only bypass SSL in non-production environments
options.add_argument("--ignore-certificate-errors")
options.add_argument("--ignore-ssl-errors")
print("WARNING: SSL certificate validation disabled for testing")
return options
# Usage
env = os.getenv('ENVIRONMENT', 'test')
chrome_options = get_chrome_options(env)
driver = webdriver.Chrome(options=chrome_options)
Troubleshooting Common Issues
Issue: Flags Not Working
- Solution: Use the latest ChromeDriver/GeckoDriver version
- Check: Browser compatibility with WebDriver version
Issue: Safari Still Shows Warnings
- Solution: Manually add certificates to macOS Keychain
- Alternative: Use Chrome or Firefox for SSL testing
Issue: Corporate Proxy Interference
- Solution: Configure proxy settings alongside SSL options:
chrome_options.add_argument("--proxy-server=http://proxy:8080")
chrome_options.add_argument("--proxy-bypass-list=localhost,127.0.0.1")
By following these configurations, you can handle SSL certificate errors across different browsers while maintaining security best practices in your testing environment.
