grails embedded server functional testing needs to have valid ssl cert

I have been scouring the web for how to solve my problem with grails functional testing using embedded server + ssl, and would very much appreciate any help with the problem I'm having.

We have had good success so far testing our Grails webapp with Firefox using Selenium WebDriver 2. We run functional tests automatically from our Jenkins server (and sometime our local machines) using the functional-test plugin to start and stop our app, and the webdriver plugin in conjunction.

This line: profile.acceptUntrustedCertificates = true that is used for the profile of the new Firefox instance has been effective for us in making everything SSL totally valid as far as the browser is concerned during our tests with Firefox.

So, although that setup is working great with Firefox, we still need to run a parallel set of tests for IE 8, but I simply cannot figure out a way for webdriver to deal with the SSL warnings/obstacles of IE 8.

Because we are purely Mac (dev)/Linux (jenkins, etc) here, we run IE 8 in a Win 7 VirtualBox VM. Then from the Win 7 VM instance we run the standalone WebDriver server. It works fine up to the point where the test reaches the SSL part of our webapp, at which point I get the IE SSL warning page, and the test is derailed.

We bought a cheap godaddy SSL cert to use for this very reason, hoping to make IE happy, but I have not been able to figure out a way to make our certificate appear as valid and CA signed one, rather than just self-signed. When I examine开发者_开发问答 the certificate in Chrome for example, it does show my certificate, but also that it is self signed. It's CN is along the lines of testbox.example.com and I have added to /etc/hosts the line: 127.0.0.1 testbox.example.com.

I generated the CSR with java keytool and then imported the resulting signed certificate, and intermediate certificate, cross certificate, etc, per the instructions on the godaddy site. I saw somewhere that grails requires it's keystore to retain the password 123456, which I have done.

I have done SSL configs successfully for regular servers, e.g. standalone glassfish and tomcat, but I have just really hit a wall on this issue.

Thanks! Jamie

Another aproach:

You mentioned that changes in the IE settings don't work since the WebDriver creates a new IE instance.

IE stores a lot of settings in the windows registry. So "IE registry certificate" could be a good start to google your problem. Here is one promising result:

http://www.ehow.com/how_5024374_fix-certificate-error-internet-explorer.html

Since you run your IE in a virtual machine, I guess it is OK to disable the IE security features on this vm. Otherwise I have to admit that it's not a good idea to disable such a security feature by default.

For testing just install your certificate into IE 8.

See What do I need to do to get Internet Explorer 8 to accept a self signed certificate?

I know it's not a very clean solution, but out IE8 displays a warning that something is wrong with the certificate. This warning itself is a valid HTML page and your are able to click the link which says something like "ignore this, display the page".

You only have to this once for a session. So we simple have a small step in our tests which checks after invoking the first page if we get the error message. If yes, we automatically click the link and the rest works fine.

Again: I know it's not a clean solution. But it works for us. And having to configure the java keystores the right way can be a pain. :-)