5

I'm trying to run tests in headless Chrome using Geb. Before enter the page, I have to select client certificate for authentication. How to do this in headless mode?

Robot class not working without UI.

Is there any way to handle certificate selection? I read about policies and AutoSelectCertificateForUrls but I can't find way to load policy from file or set this particular parameter as option/argument (Chrome on Linux).

In PhantomJS there is option to provide certificate as argument but how to do this using Chrome driver?

caterso
  • 51
  • 1
  • 3
  • As for `AutoSelectCertificateForUrls`, which OS are you working on? Windows, Linux, MacOS? – kriegaex May 10 '19 at 00:34
  • I'm working on Linux. – caterso May 10 '19 at 12:32
  • Have you read [this](https://www.chromium.org/administrators/linux-quick-start) and are you in control of directory `/etc/opt/chrome/policies`? Then you could add [`AutoSelectCertificateForUrls`](https://www.chromium.org/administrators/policy-list-3#AutoSelectCertificateForUrls) to a JSON file in the `managed` subdirectory. Tell me if that helps and I will convert the comment into an answer. – kriegaex May 13 '19 at 01:19
  • Yes, it works but only when running chrome in normal mode (not headless). In headless mode policies are not supported. – caterso May 13 '19 at 09:08
  • I think PhantomJS is dead, so question is more relevant today. We have the same problem. – Jesse Aug 24 '19 at 12:11
  • Does anyone have an answer for this? Firefox has an option for this, but we can't come up with a viable approach with Chrome. – eugene Dec 15 '20 at 00:35
  • At the moment, the only way is to install certificate manualy [like this](https://chromium.googlesource.com/chromium/src.git/+/master/docs/linux/cert_management.md) and run Chrome in xvfb. Another way might be to use stunnel with a client certificate, but to change certificate you have to reconfigure and restart stunnel. – caterso Dec 18 '20 at 09:26

1 Answers1

2

I had the same problem and ended up running in headful mode instead. There are some stuff required to be installed on the server though to be able to run Selenium in headful mode. I wrote an article on the subject using Selenium with .NET Core in linux with environment setup through docker.

https://sgedda.medium.com/running-selenium-with-chromedriver-together-with-client-certificate-set-in-headful-mode-with-net-a79bde19e472

Dockerfile https://gist.githubusercontent.com/sgedda/584aa35a0d9162ad24f9cca836266959/raw/1fc0b4e6e8c76b791437bc847b67b2ed676c5d9b/Dockerfile

Sgedda
  • 1,323
  • 1
  • 18
  • 27
  • After a lot of trial and error with headless mode, this post really helped me ... using xvfb was the only way I could get client certs to work with selenium and the chrome driver. One tip for making the solution just a bit more elegant: Use xvfb-run. This will prevent you from having to explicitly export the port variable and kill the xvfb process when done. I got this tip form http://elementalselenium.com/tips/38-headless – greghmerrill Jan 17 '22 at 16:58