I am using this webkitdotnet in my C# project. It all went well until I had to use access site with https.
I've searched their forum and found few posts about this but none of it solves my problem, so please shed some light on this one. Thx!
edit: Also as mentioned in their threads (also without an answer) I get a "Peer certificate cannot be authenticated with known CA certificates" error when trying to access my server, but https://www.google.com works fine.
They also mention the "apple" build which worked fine with ssl (at least so they say), but I can't find it anywhere...
This is a bit of a hack, but you can make webkitdotnet ingore peer ssl errors. WebKitDotNet uses WebKit, which, in turn uses curl, which is responsible for your wonderful ssl error there. curl exposes an option to ignore ssl errors, but neither webkit nor webkitdotnet seem to expose this functionality in their api. However, if you checkout the webkit source code, webkit sets the curl option (CURLOPT_SSL_VERIFYPEER) to false if the value of the environment variable WEBKIT_IGNORE_SSL_ERRORS is set to true.
What this all boils down to is that if you set the environment variable in code before initializing either webkit or webkitdotnet components, webkit will ignore the bad certificate and allow you to navigate to the site (sort of like clicking Proceed Anyway on IE9's Bad Certificate Warning page).
C++:
setvar("WEBKIT_IGNORE_SSL_ERRORS", "1");
C#:
Environment.SetEnvironmentVariable("WEBKIT_IGNORE_SSL_ERRORS", "1");
If anyone is interested, the webkit source code referenced is in file webkit\Source\WebCore\platform\network\curl\ResourceHandleManager.cpp at lines 65 and 681, currently.
After long googling I finally ended up purchasing a SSL certificate for my domain and now all is fine. Also, a good to note is that Webkit is the easiest to work with and allows for DOM access and manipulation.
I tried the code below and works for me.
webkitBrowser.Preferences.IgnoreSSLErrors = true;
Related
PhpStorm version 2017.2.3:
I am suddenly getting notifications such as the screenshot below, and they're persistent:
I believe (as you may be able to gather from the image), that what is happening is that PhpStorm is trying to connect to the http://www.viridor.co.uk domain and then is being presented with an untrusted certificate from the (https) domain varient.
I keep telling PhpStorm to reject this certificate. I don't want it saved. But PhpStorm keeps bringing up this notice.
What I've tried:
I have read through the settings menu to see if I can find a way of sorting this but have not found anything suitable:
What I'd like to achieve:
Why does PhpStorm reject the certificate, can we edit these rejection criterias? this is the first time I've seen this and I'm sure PhpStorm has been checking a multitude of links from various project sites I work on. (please see below some certificate diagnostics)
How can I get PhpStorm to remember my rejection for this certificate?
If not, how can I turn off PhpStorm checking URLs outside the project scope (hopefully for just this project rather than all projects)?
Extra info:
I have run the url (viridor.co.uk) through the Qualys SSLTest and it came back
This server's certificate chain is incomplete. Grade capped to B.
source.
I would like to think that this certificates problems are the direct cause of this issue, but now I'd like to know how I can solve this issue.
Recently our website went from http to https. I, and others, are randomly getting "The Site Can't Provide a Secure Connection" page. Upon refresh, the page loads just fine. Why are we getting this initial page randomly?
FYI... We have http to https redirects in place.
Impossible to say without more details, but some things I can suggest are:
You have multiple servers and some are configured correctly and some incorrectly.
You are not including the full certificate chain. Sometimes your browser has the missing intermediary cached and sometimes not (see this answer for more info here: https://serverfault.com/questions/826100/ca-certificate-trouble-with-squid-on-centos7/826321#826321)
A bug in browser/software. I had this issue on Chrome when using Apache HTTP/2. Never did figure it out but a Chrome update fixed it.
Run https://www.ssllabs.com/ssltest/ on your site to confirm not a problem with your https set up and, if that doesn't work, or you don't understand the results it gives, then update your question with more details (what Server and Browser you are using and what version, if you have any proxy in place between your Browser and the site and, ideally the website name) if you want people to help you.
Also be aware this is a programming site and some people don't like these questions here and will suggest other Stack Exchange sites but honestly don't know where this question is best placed: serverfault.com maybe, but is for professional SysAdmins only, Unix and Linux seems a little generic (not even sure if you are using a Linux webserver!), Webmasters is more for content and SEO questions, Information and Security is more for theoretical SSL/TLS questions...
I have started looking into testing our site with BrowserStack.
However, I'm having issues with live-testing (as opposed to automated testing with Selenium, which mostly works fine) a site we're developing as we're serving it with a self-signed certificate.
Manually approving the certificate doesn't bother me as much as the fact that some Ajax request are failing (at least on IE10) due to security issues and this makes it impossible to actually manually test the site.
An acceptable solution would be to somehow add our self-signed cert. into the list of trusted root CAs. However, I haven't found out how to upload files into the BrowserStack test environment (not sure if that's even possible, really).
Any ideas ?
I contacted BrowserStack about this issue, and their formal response is:
"We currently do not support installing client certificates on the remote machines. However, this is on our list, and we’ll keep you posted."
Hopefully this issues will be resolved soon and I'll post a different answer here.
April 2021 update:
BrowserStack has shipped a toggle to trust self-signed certs.
It is available on iOS and Android devices for now.
When it happens, open the "Network" tab, and open in a new tab the request which is failing. If it is "just" a certificate issue, you would then be able to bypass the warning. Then, your request should work correctly.
When the "Cannot Verify Server Identity" dialogue pops up, click details, then 'Trust'. This will work if all calls are to the same domain as the website.
Experimenting with Phantomjs to scrape some information from a vendor application our company uses. When I open the page and render it, I can see that the only output is the message
SPNEGO authentication is not supported on this client.
I had seen that message in Firefox before, and the solution was to add the host to the trusted uris. That's great for FF, but in the context of a phantomjs script, is there a way to declare a site as trusted?
UPDATE: Tried the command-line parameters per Artjom's suggestion but no difference.
I don't think this protocol is implemented in PhantomJS. PhantomJS is built on top of QtWebKit. I found an old Aurora issue. Aurora is also based on QtWebKit.
If you search for SPNEGO or kerberos in the phantomjs repo, you don't find much. Searching for negotiate shows only some constants, but no actual implementation.
I have found a strange issue which I do not completely understand. When I run the LoadRunner with just a single protocol, the browser (when recording starts) is ran but says "page not found" (as if the proxy was not set).
How come? The protocols specify what traffic will be captured but I assumed in just does not record the ones not specified. But why the browser could not find the page in single protocol and could in multiple?
I've found that the single protocol mode (I assume web here) is somewhat erratic and does not work all the time. The workaround is to use the multiple protocol mode, but select only Web (HTTP/HTML). This works much better.
The actual reasons for why this is the case are unknown, but at least give it a try!
As for other issues:
Check that your PROXY settings are correct when you invoke IE for recording. Your issue sounds a little like a proxy issue, but please post more details if none of the above works.
Over 90% of recording issues can be tracked to environment items, specifically do you have the right match up between version of LR and version/manufacturer of your browser plus are you signed in with the proper credentials plus do you have any conflicting software packages loaded, such as antivirus, which could be impacting the recordingf mechansim.
Where to start?
Makes sure you are signed in with Administrative credentials
Disable any antivirus running locally
Validate your browser manufacturer and version with the requirements for your version of LoadRunner