My app uses card certificate authentication.
As for now seems like there is no official solution made/suggested by Playwright- according to this GitHub Issue.
I couldn't found any way to workaround it.
Here's a list of things I've tried:
browser
or context
- not workinglaunchPersistentContext
(chromium only)-
not workingcontext.route("**/*")
and providing pfx using
agentOptions
field(workaround somebody suggested in the GitHub
Issue) -couldn't figure what I did wrongCDPSession
in order to use the it's event handler-
but after I look into CDP Docs seems like they expose the basic http auth
event, couldn't find anything about SSL certificate
event.What I haven't tried yet:
Java
or
Python
A great workaround for Windows & Chromium users - using Windows Registry AutoSelectCertificateForUrls
Chromium Policy
I’m demonstrating on Chromium/Chrome, but it’s the same for every other Chromium-based browser. (you just need to figure the exact key path)
For the Playwright Chromium browser you need to create this registry key:
HKEY_CURRENT_USER\\SOFTWARE\\Policies\\Chromium\\AutoSelectCertificateForUrls
Note: According to google-docs If you use the PC Chrome (i.e.
channel: "chrome"
) you should use this path instead:HKEY_CURRENT_USER\\SOFTWARE\\Policies\\Google\\Chrome\\AutoSelectCertificateForUrls
with this value pattern:
"1"="{\"pattern\":\"<https://www.example.com\>",\"filter\":{\"ISSUER\":{\"CN\":\"certificate issuer name\", \"L\": \"certificate issuer location\", \"O\": \"certificate issuer org\", \"OU\": \"certificate issuer org unit\"}, \"SUBJECT\":{\"CN\":\"certificate subject name\", \"L\": \"certificate subject location\", \"O\": \"certificate subject org\", \"OU\": \"certificate subject org unit\"}}}"
In this example I'm executing the CMD reg add
command using node-js exec function:
const key = "HKEY_CURRENT_USER\\SOFTWARE\\Policies\\Chromium\\AutoSelectCertificateForUrls";
const value = "1";
const data = `{\\"pattern\\":\\"${url}\\",\\"filter\\":{\\"SUBJECT\\":{\\"CN\\":\\"${certName}\\"}}}`;
exec(`reg add "${key}" /v "${value}" /d "${data}"`);
Now, navigate to your site and the certificate pop-up shouldn't pop-up.