HTTPS/SSL sites

Explore
Introduction, screen-shots, features, limitations
Getting started
Prerequisites, download, install, browser configuration, record, playback, view logs
Sahi Scripting Basics - I
Statements, variables, functions, conditions and looping, _include
Sahi Scripting Basics - II
Sahi APIs (built-in functions)
Sahi Scripting - Calling Java
Exception handling using try-catch
Recovering without try-catch using _setRecovery
Script lifecycle call back functions
onScriptFailure, onScriptError, onScriptEnd
Data Driven Testing
_getDB, CSV Files, Excel, Databases
Multithreaded Playback (Parallel execution)
suites, commandline, ant
Advanced techniques, tips and examples
Other language drivers Driving Sahi from Java, Ruby etc.
1. Java
2. Ruby
Trouble Shooting Sahi
Sahi Pro

HTTPS/SSL sites ·

Sahi supports HTTPS out of the box. Sahi Pro eases the pain by automatically accepting SSL certificates. Sahi ships with a root certificate and all other certificates will be signed by this root certificate, making SSL testing absolutely smooth.
But, for some reason if the browser reports a certificate error as shown below, then you will need to import the root certificate to the “Trusted Root Certificate Authorities” store.

To import the root certificate, click on the “SSL” link on dashboard.

Sahi first tries to import the certificate with “certutil” command available on Windows.

If Step 1 fails, Sahi then tries to import the certificate through Java. At this point you should be able to see this screen

Click “Yes” to import the certificate.

If Step 2 fails, Sahi will then try a direct import. Follow these steps.

This should import the certificate successfully.

Once done, you should be able to access your HTTPS/SSL site.

For Sahi Open Source

Make sure that your browser is using Sahi as its proxy for “Secure” or “SSL Proxy” too.

Look at “Is keytool available” under “Java” section on the “Info” tab of the Controller. If you are unable to get the Controller up on an HTTPS site, go to an HTTP site and bring up the Controller.

If “Is keytool available” is false, add <java>/bin to your PATH variable. (Details on adding Java/bin to Path), or specify the full path to keytool.exe in <sahi>/config/sahi.properties. keytool.exe is present in the <java_home>/bin directory

For eg. you could do

PATH=C:\Java\bin;%PATH% start_sahi.bat

to add java\bin to the path before you start Sahi.

Navigate to the HTTPS site. If the above instructions have been followed, you will get a page which warns you that the certifcate is incorrect. On Firefox , click on “Add Exception” and then “Confirm Security Exception”. The web site will then be displayed.

At this point, the website which has been displayed may not work properly if it fetches css and javascript files from another https domain or sub-domain. The Controller will also not come up with ALT-DblClick.

Open another tab, and navigate to https://sahi.example.com/_s_/dyn/SSLManager . A similar SSL warning will appear. Accept it like before. The SSLManager page should now be visible.

You will now see a list of domains that Sahi has created certificates for. Some of them will be red and some green. Click on the red ones, and you will get the same certificate dialog which you would need to accept. Once you have accepted the required certificates on the browser, you should be able to navigate properly to the web page.

NOTE: It is possible that there are some domains/subdomains that are “hidden”. They may be used to fetch css, javascript and other artefacts. These certificates also need to be accepted via the SSLManager if your site has to work well. If your browser hangs, or the web page looks different than normal, or shows javascript errors, it may be because of these unaccepted certificates.

Follow the steps in these video for accepting SSL certificates on
Internet Explorer 8, 9
Internet Explorer 7 or before.

For auto acceptance of certificates, have a look at this forum post

HTTPS sites hang during record or playback (OLD – for Forefox 2 only)

This may happen if there are multiple certificate dialogs being opened by the browser at the same time. When trying to automate HTTPS sites, first do a dry pass of the site with the proxy on, but without bringing up the controller. Only bring up the controller for record/playback after all certificates have been accepted. This used to happen on Firefox 2.

Creating certificates manually:

NOTE: YOU SHOULD NOT HAVE TO DO THIS ANYMORE. JUST FOLLOW THE FIRST TWO SECTIONS AND THINGS SHOULD WORK PROPERLY.

If the certificates do not get created in sahi/userdata/certs folder, you can follow these instructions to manually create the certificates. These instructions will appear on the Sahi proxy console if there was some problem in creating certificates.

——————————HTTPS/SSL START——————————

Sahi is trying to create a certificate for domain:
sahi.example.com
If you are unable to connect to this https site, do the following:
Check on your filesystem to see if a file like
<sahi_dir>\certs\sahi_example_com
has been created.
If not, then create it by running the command below on a command prompt.
Note that you need ‘keytool’ to be in your path.
keytool comes with the JDK by default and is present in <JAVA_HOME>/bin.
Once you create that file, ssl/https should work properly for that site.

———-COMMAND START———-

keytool -genkey -alias sahi.example.com -keypass sahipassword -storepass sahipassword -keyalg RSA -keystore D:\sahitest\sahi\certs\sahi_example_com -dname "CN=sahi.example.com, OU=Sahi, O=Sahi, L=Bangalore, S=Karnataka, C=IN"

———-COMMAND END———-

The files in certs can be copied over to other systems to make ssl/https work there.

——————————HTTPS/SSL END——————————

NOTE

Since 2008, we changed the dummy domain name that sahi uses to sahi.example.com. If SSL used to work properly but has now started becoming slow, clear the files in <sahi_dir>/certs directory, and let Sahi make new ones again, by accessing those sites.

Some trivia about example.com domains.