Is it possible to test client side SSL certificates with Selenium and any browser? E.g. Can you create a web driver and give dummy certificates for it? Or use a prepared Firefox profile?

Creating Selenium Firefox test profile for SSL client-side certificates

You need to prepare Selenium's WebDriver Firefox profile which has client certificates imported in.

First you launch WebDriver with the following configuration in your test code:

# Pre-seeded Firefox profile directory
profile_directory = os.path.join(os.path.dirname(__file__), "..", "..", "certs", "firefox-client-ssl-profile")
self.assertTrue(os.path.exists(profile_directory))

profile = FirefoxProfile(profile_directory)

# Make sure the client side certificate selection does not interrupt the test
# XXX: What happens in other language versions?
profile.set_preference("security.default_personal_cert", "Select Automatically")
self.driver = WebDriver(firefox_profile=profile)

self.selenium_helper = SeleniumHelper(self, self.driver)
self.selenium_helper.driver = self.driver

Start unit tests and drive them to the point Zope test server is up. Stop tests with "import pdb ; pdb.set_trace()"

You should now have a Selenium's "WebDriver" Firefox instance on your screen.

Import your client side certificate. Preferences > Advanced > Encryption > View certificates. Import "client.p12" from your client-side certificate supply.

Visit in the URL triggering the client-side certificate dialog in Webdriver's Firefox::

    https://yourservevr/triggers-client-side-certificate-ssl-handshake

This should prompt you to accept the client side certificate against the test server. Accept everything manually.

Visit in menu Help > Troubleshooting Information > Application Basics > Show in Finder. This opens the temporary directory holding Webdriver's active profile files.

Copy Firefox profile files cert8.db and key3.db to your unit test package WebDriver's Firefox profile's seed folder. This is the folder where Selenium picks seeds for Firefox web driver when the test starts firefox-client-ssl-profile.

Interrupt the tests. Restart the tests. Run until the pause again. In Webdriver's Firefox see in the settings that it now contains the certificates you did approve on the last run in Preferences > Advanced > Encryption > View certificates.

More info

• https://trac.macports.org/wiki/howto/MAMP

• https://support.mozilla.org/en-US/questions/824255

• http://wiki.apache.org/httpd/DebuggingSSLProblems#Finding_out_what_caused_a_handshake_to_fail

• http://www.openssl.org/docs/apps/s_client.html

• https://omni.tenderapp.com/kb/omni-certificate-authorities/importing-pkcs12-certificates-in-keychain-for-safarichrome-in-mac-os-x

• http://support.mozilla.org/en-US/kb/Recovering%20important%20data%20from%20an%20old%20profile#w_security-certificate-settings """

I dont know if this helps, but you can change some of the preferences in the profile. In Java, you could do this.

ProfilesIni allProfiles = new ProfilesIni();
    FirefoxProfile profile = allProfiles.getProfile("default"); //change profile name. there is a note somewhere on how to change it
    profile.setPreference(uaKey, uaValue);
    profile.setAcceptUntrustedCertificates(acceptUntrustedSsl);

I am not sure this is what you need.