Is there a way to get SSL certificate details from web UI using selenium or playwright? I know I can get them using openssl commands but I am looking to get from UI using selenium or playwright.
Related
I have a web application that I developed using Angular, Node.js/Express.js and MySQL. My app has some pages that display data after fetching it from another web app example: https://www.example.com. Since, this another app doesn't have any API from where I can fetch the data so, I am using web scraping with the help of Python Selenium and scraping the data from the site. I am calling my Python program in Node.js.
What I want to ask is that is the connection between a bot that sends a request to the target site secured or not? Does the selenium automated browser sends an encrypted connection to the site? Or, do I have to connect to a proxy to secure my connection. I don't want to expose my server's IP.
Any help would be appreciated. Thanks!
selenium communication is between client library and driver API.
selenium doesn't send anything to the target site but the browser
If you are running selenium from local system and start selenium/driver in localhost there is no issue of "man in the middle attack" as no one can eavesdrop you as the communication is within the localhost netwrok.
Other than the communication between your script and the call to selenium API there is no other communication happening. All other communication is happening from the target website as in normal user scenarios.
No it is not a secure connection cause Selenium internally makes an HTTP request for each Selenium command.
for each Selenium command, a HTTP request is created and sent to the browser driver
the browser driver uses a HTTP server for getting the HTTP requests
the HTTP server determines the steps needed for implementing the Selenium command
the implementation steps are executed on the browser
the execution status is sent back to the HTTP server
the HTTP server sends the status back to the automation script
Why HTTP is not secure
In OpenShift Origin 3.6, with advanced installation method, I configured custom TLS certificate for the web console and for the router.
For the web console, the parameters I used in the Ansible inventory are:
openshift_master_named_certificates=[{"certfile": "/root/star.paas.certs/star.paas.local.cert.pem", "keyfile": "/root/star.paas.certs/star.paas.local.key.pem", "names": ["master.paas.local"], "cafile": "/root/star.paas.certs/ca-chain.cert.pem"}]
openshift_master_overwrite_named_certificates=true
And for the router, the parameters are:
openshift_hosted_router_certificate={"certfile": "/root/star.paas.certs/star.paas.local.cert.pem", "keyfile": "/root/star.paas.certs/star.paas.local.key.pem", "cafile": "/root/star.paas.certs/ca-chain.cert.pem"}
On the TLS certificate side, a custom Certificate Authority has been created and saved to file ca-chain.cert.pem. And a custom Certificate based on this CA has been generated (star.paas.local.key.pem and star.paas.local.cert.pem).
As you may have noticed, I use the same certificate chain for the OpenShift web console (served in my case at master.paas.local:8443) and for the embedded router (for apps routed as https://*.paas.local).
Then, when I want to access the web console, the prerequisite is to import the root CA into my browser.
The point is: when I use Chromium and go to master.paas.local:8443, the connection is considered unsecured (NET::ERR_CERT_AUTHORITY_INVALID). And when I ask for more information, I notice that the certificate hierarchy is incomplete:
Certificate details in Chromium
Interestingly, this does not happen in Firefox, which is the only browser known to me that behaves the expected way:
Certificate details in Firefox
On the opposite, all the TLS-secured public routes served by OpenShift for my apps are considered secured by all the browsers I tested, with the very same certificate chain as the one I use for the web console.
Is there a working way to make openshift(-ansible) take my custom CA into account when serving the web console in all modern browsers?
It seems to me that OpenShift web console does not send root/intermediate CA during TLS handshake.
The ansible playbook appears to support providing a cafile for named_certificates, and places the files. However the running system doesn't support the cafile key, so it is ignored. If you provide the certfile as a full bundle (bundle+cert) then it should start working.
I submitted a PR to the playbook to handle this task.
I am working on a project that uses an MFC module with CDHtmlDialog dialog in order to display a log-in screen to the user. I pass an https url to Navigate(), and then handle OnDocumentComplete(). I want to be able to verify the SSL certificate of the server that corresponds to my https request.
I've searched the net for how to do it with CDHtmlDialog API but couldn't find an answer. There is always the option to code it differently using openSSL or WinHTTP (which support SSL) and not using CDHtmlDialog but I prefer to save the time of implementing the whole module from scratch.
Does any one know how to verify SSL certificate with CDHtmlDialog?
I am able to run Grails application on tomcat using SSL but I am not sure how to verify that it is running properly with SSL.
I am able to do following things (I am using grails security)...
Created Self Signed SSL certification
Able to configure same certification with tomcat(updated server.xml)
Able to run application using https in browser(All features are running
properly with https url, I did not updated web.xml of war).
Problem: I am able to see logged in user's user credentials using Fiddler.
So I am not sure that I did correct configure of SSL or I did some mistake.
Can anyone suggest me how to verify that the data in traveling in encrypted form ??
If you've enabled HTTPS decryption in Fiddler (Tools > Fiddler Options > HTTPS), then being able to see the credentials is expected. If you haven't enabled HTTPS decryption in Fiddler, then you are not using HTTPS properly.
I am using swfUpload (Flash control) to upload files to the web site.
This is working great except when the web site uses SSL with client certificate for authentication.
In IE there is no problem, but with Chrome and Firefox the upload fails.
The upload then fails because the POST request with the file data (coming from swfUpload) is rejected because the client certificate is not provided with the post.
I guess this is a Flash Plugin problem since it is working correctly in IE using the same swfUpload.swf...
Anyone familiar with this problem and is there a fix?