The SSL certificate used to load resources will be distrusted - python-3.x

from selenium import webdriver
opt = webdriver.chrome.options.Options()
opt.add_argument("--headless")
opt.add_argument("--disable-gpu")
driver = webdriver.Chrome(chrome_options=opt);
driver.get("https://steamcommunity.com/")
I'm trying to run headless chrome, with Selenium. But keep getting the following error:
[0331/134342.207:INFO:CONSOLE(0)] "The SSL certificate used to load resources from https://steamcommunity-a.akamaihd.net will be distrusted in the future. Once distrusted, users will be prevented from loading these resources. See https://g.co/chrome/symantecpkicerts for more information.", source: https://steamcommunity.com/ (0)
I have tried adding the --ignore-certificate-errors flag, but still get the same error.

I'm not completely sure this is the resolution you are looking for, but you can simply use the http URL http://steamcommunity.com/ without the SSL s suffix. This will (I hope) prevent presenting this notification.

Related

Cypress can't access a website from its automated browser (used to work normally and other browsers access normally)

I was hoping one of you could help me out here. I ran out of ideas already.
I have a script with Cypress.io that basically access a website and clicks on a link for LOGIN. I have reduced the code to only access the LOGIN page directly, which was working perfectly for the past 1-2 months, but in the past week I ran the script and it's no longer working.
When it tries to access the URL https://sso.tce.sp.gov.br/cas-server/login it gives the error below.
The most weird thing is that I can access this URL manually from the other non-automated (EDGE, Chrome), but when I try to do it with the Cypress automated browser it doesn't work.
cy.visit() failed trying to load:
https://sso.tce.sp.gov.br/cas-server/login
We attempted to make an http request to this URL but the request
failed without a response.
We received this error at the network level:
Error: Parse Error: Duplicate Content-Length
Common situations why this would fail:
you don't have internet access
you forgot to run / boot your web server
your web server isn't accessible
you have weird network configuration settings on your computer
Apparently it's doesn't look like a proxy thing nor a code thing, do you guys have any idea of what it could be?
Code:
describe('Test', () => {
it('Access AUDESP Website', function () {
Cypress.config('chromeWebSecurity',false);
//cy.visit('https://www.tce.sp.gov.br/audesp')
//cy.get('.menu-superior-itens > [href="https://sso.tce.sp.gov.br/cas-server/login"]').click()
cy.visit('https://sso.tce.sp.gov.br/cas-server/login')
})
})
Any ideas would be very helpful!!
Thank you!
UPDATE:
Guys, I'm still with this error, but I have found out that the website is sending a duplicate header, but cypress is not able to process it. The browser, outside of Cypress, ignores it apparently... any ideas on how to fix it on Cypress?

Specify self signed certificate in pact provider testing

I am currently testing my pact contracts using the below provider options
let opts = {
provider: "api",
providerBaseUrl: "https://my-domain.com",
pactUrls: [
path.resolve(
process.cwd(),
"./pacts/pact-api.json"
),
],
validateSSL: false,
changeOrigin: true,
providerVersion: "1.0.0"
}
return new Verifier(opts).verifyProvider().then(output => {
console.log("Pact Verification Complete!")
console.log(output)
})
When I give the base url as https I get the below error:
Uncaught Error: write EPROTO 140574248376192:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:../deps/openssl/openssl/ssl/record/ssl3_record.c:332:
at WriteWrap.onWriteComplete [as oncomplete] (internal/stream_base_commons.js:92:16)
If I change the url to have http: it does a redirect (I get redirect status code 308).
The https url is a self signed url, and the self signed certificate is present in all our servers. I have no issues accessing the url from any browser or curl or via express.js.
But if I provide the url directly in provider options, I get the error. I went through the pact documentation and I was not able to find any additional arguments.
Any help to overcome this issue is highly appreciated.
Thanks.
Update:
The issue was running pact inside a docker container. The requests from the container were being blocked by an internal proxy. Once the proxy was bypassed, it worked.
Under the hood, pact-js uses the "pact-ruby-standalone". You can set the certificate for the pact-ruby-standalone using the environment variables SSL_CERT_FILE as documented here: https://github.com/pact-foundation/pact-ruby-standalone/releases#pact-provider-verifier
UPDATE:
The issue was due to VPN/proxy settings on the host which was intercepting the request and presenting an invalid certificate.
ORIGINAL POST:
Whilst Beth is correct in that we do use that Ruby library under the hood, Pact JS actually spins up a proxy which the Ruby standalone actually interacts with - i.e. Ruby talks to a local JS server running http, and the proxy re-issues the request to the service. So the issue is most likely in the Pact JS framework.
There could be a few things happening here:
There is an issue in the library somewhere
There is a configuration issue somewhere we need to get to the bottom of
There is something special about the TLS certificate
Could you please update the bug report at https://github.com/pact-foundation/pact-js/issues/429 ?
We're going to need logs and other information to get to the bottom of it (see https://github.com/pact-foundation/pact-js/blob/master/.github/issue_template.md for how to help us help you).

Python SSLError - Any way to Hide Warning

I am wokirng on windows and with python3.
I used requests module to get to a web page with this code-
requests.get('https://github.com/')
Then i got the SSLError [SSL: CERTIFICATE VERIFY FAILED ] error. Then i turned off the switch for SSL certificates check with verify=False.
import requests
requests.get('https://github.com/', verify=False)
And now it is browsing the site but returns a warning.
Warning (from warnings module):
File "C:\Python27\lib\site-packages\urllib3\connectionpool.py", line 847
InsecureRequestWarning)
InsecureRequestWarning: Unverified HTTPS request is being made. Adding
certificate verification is strongly advised. See:
https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
<Response [200]>
Now i am working with a script and i don't want to show this warning to user.I got a way to hide warning but i am not sure how to use it.
warnings.simplefilter("ignore")
But this ignores all warnings and i just want to hide this 'InsecureRequestWarning' particularly. Please guide me how to do this.
So i got the solution to hide the warning. Here is what i did.
import warnings
from requests.packages.urllib3.exceptions import InsecureRequestWarning
warnings.simplefilter('ignore',InsecureRequestWarning)
requests.get('https://github.com/',verify=False)
And this thing solved my problem.

Testing "https:..." URLs through Selenium gives Secure Connection Error in FireFox 50 and 52

I am sure many of us are using Selenium to test applications with URL starting with https://....
I am facing this issue in my client network local and Jumpboxes, whenever I do a driver.get(“https://....”) to these URLs.
URLs starting with http://.... works fine.
I am using gecko 0.14, selenium 3.3.1 standalone server and Mozilla 50.1.0. Also checked with gecko 0.15.
Went through the suggestions over net and tried out the following workarounds :
• Creating new profile and setting capabilities and other properties. This helps manually , but through selenium the same issue persists.
• Adding Exception in Browser for new profile as well as default profile.
• Downloaded Mozilla 52.0 and tried the same.
None of them helped me out.
Questions :
Is this a proxy issue.
Can this be resolved.
Issue going on for a while. Please let us know if anything helped you out to resolve this.
Thanks,
Arpan
First you need to create a new FireFox profile say "myProfile".
ProfilesIni prof = new ProfilesIni()
FirefoxProfile ffProfile= prof.getProfile ("myProfile")
Now we need to set "setAcceptUntrustedCertificates" and "setAssumeUntrustedCertificateIssuer" properties in the FireFox profile.
ffProfile.setAcceptUntrustedCertificates(true)
ffProfile.setAssumeUntrustedCertificateIssuer(false)
WebDriver driver = new FirefoxDriver (ffProfile)
"setAcceptUntrustedCertificates" and "setAssumeUntrustedCertificateIssuer" are capabilities to handle the certificate errors in web browsers.

Using SSL with the python-instagram and localhost on sample-app.py

I plan on using the sample-app.py as a baseline of what I am building out and then expanding it from there. Just want to get comfortable with the instagram API and build out from there.
I am trying to use the sample-app.py provided with python-instagram. I have registered an application on instagrams website. I set it up using the default redirect uri from sample-app.py:
http://localhost:8515/oauth_callback .
I was able to authorize my instagram account to use the app, but when I click on any of the links, I get an error about the acccess-token.
When you look at the python command-line window that stays open, I get the following error:
"check_hostname needs a SSL context with either CERT_OPTIONAL or CERT_REQUIRED"
It appears that when the sample app is processing the lines below, it is trying to connect to instagram, but is not able to because SSL in local host is not set up properly. How do I set up SSL so i do not get the above error?
access_token, user_info = unauthenticated_api.exchange_code_for_access_token(code)
if not access_token:
return 'Could not get access token'
api = client.InstagramAPI(access_token=access_token)
request.session['access_token'] = access_token
print ("access token="+access_token)
There are a few steps to solve this problem (it appears that it is actually several problems in aggregate causing this issue):
use openssl to create a ssl certificate and save cert to the same location as your python script. Download open ssl here: http://slproweb.com/products/Win32OpenSSL.html
You need to tweak bottle so that it will support ssl. Do so by adding the following lines in run in class WSGIRefServer(ServerAdapter):
import ssl
srv.socket = ssl.wrap_socket (
srv.socket,
certfile='server.pem', # path to certificate
server_side=True)
There is a bug in python 3 and above(https://github.com/jcgregorio/httplib2/issues/173). I am using 3.4, so the bug could be fixed in 3.5. In the instagram/oauth2.py file, change all disable_ssl_certificate_validation=False to True.

Resources