As of a couple days ago, I added HTTPS support to Selenium RC. This is a major addition, as it has been pretty much the only large feature missing from Selenium products. The result is that you can now remotely drive web browsers on sites that use HTTP or HTTPS protocols. Just as Selenium Remote Control was, this code was originally created as part of our HostedQA product.

Using this feature

To get started with testing on HTTPS, you have to use the custom browser launcher for now (we'll add support for it for the specific browser launchers as time goes on). The reason for this is that you need to import a Certificate Authority in to the main browser profile. Look in the advanced/security settings in Firefox/IE for this option.

You can find the CA at http://dangerous-certificate-authority.openqa.org/

Once you have the CA imported to the browser and have changed your tests to use the custom browser launcher, you can begin testing against HTTPS. Everything should just work.

How it works

Unlike other similar web testing tools, this solution doesn't require you to prepare the web browser for each domain you want to test. Rather, you only need to prepare the browser once by importing the CA.

What happens behind the schenes is that as each HTTPS connection is opened to a unique server/host combination, a mini-instance of Jetty is spawned off and used to tunnel SSL connections to the server. However, that Jetty instance needs a keystore that is signed by a trusted CA and is associated with the domain in question.

That keystore could be generated through a series of keytool and openssl commands, but we didn't want you to have to install these locally, since that can be a pain, especially for openssl. So instead, we created a web service at the dangerous-certificate-authority.openqa.org domain that generates the keystore for you.

The downside to this approach is that you must be online for HTTPS support to work. In the future we may offer a fallback that issues the keytool/openssl commands if the online service can't be accessed.

Give it a shot

The latest SNAPSHOT builds at maven.openqa.org should have SSL support available. Give it a shot, or wait for Selenium RC 0.8.2 to come out.

Or, alternative, sign up for HostedQA and start using these features (plus a ton more) today.