python-3.xselenium-webdriverssl-certificateundetected-chromedriver

how to FIX (not ignore) SSL error with selenium (chrome)

I just want to know, why all sites, which I open via selenium webdriver have SSL certificate error? I have to keep connection secured.

I know, that problem could "solve" by adding options.add_argument('--ignore-certificate-errors'). But it will ignore error, and I need to fix it. Actually, everything's been fine before Google Chrome updated to 115 ver.

Code:

import time

from seleniumwire import undetected_chromedriver as uc
from selenium.webdriver.chrome.options import Options

options = Options()
# options.add_argument('--ignore-certificate-errors')
driver = uc.Chrome(options=options)
driver.get('https://google.com')
time.sleep(100)

And Chrome window: https://ibb.co/VDzDTYN

Solution

  • in the selenium-wire PyPI page the developers explains that:

    Selenium Wire works by redirecting browser traffic through an internal proxy server it spins up in the background. As requests flow through the proxy they are intercepted and captured...

    and also explains in the certificates section that:

    Selenium Wire uses its own root certificate to decrypt HTTPS traffic. It is not normally necessary for the browser to trust this certificate because Selenium Wire tells the browser to add it as an exception. This will allow the browser to function normally, but it will display a “Not Secure” message (and/or unlocked padlock) in the address bar. If you wish to get rid of this message you can install the root certificate manually.

    Summarizing, the secure connection is stablished between the selenium-wire's internal proxy-server and the website you are visiting using the website certificate, and the connection between your controlled browser and the selenium-wire's internal proxy-server uses a kind of self-signed certificate, which triggers the browser security alert. In my humble opinion and short experience using selenium-wire, it should be ok just to ignore that error or install the root certificate, as the documentation indicates.

    Anyway, selenium-wire allows to add add your own certificate. I think that if you use a valid certificate, the non-secure padlock should disappear. I haven't personally tried it.

    Hopes it help, sorry for my poor English.