To have the ability to use SSL without verifying certificates #5

Closed
mikelee84 opened this Issue Jul 10, 2012 · 20 comments

Projects

None yet

6 participants

@mikelee84

Is there is a possibility to have create session keyword to remove SSL verification cert when creating a HTTPS session?

@bulkan
Owner
bulkan commented Jul 10, 2012

Hi,

İm currently on holidays and will look at this after July 22nd.

On 10/07/2012, at 12:34, mikelee84
reply@reply.github.com
wrote:

Is there is a possibility to have create session keyword to remove SSL verification cert when creating a HTTPS session?


Reply to this email directly or view it on GitHub:
#5

@bulkan
Owner
bulkan commented Jul 24, 2012

Hi @mikelee84

I'm back from my holiday and I can look at this request now.

Can you please provide a sample test case file for your use case ?

Cheers

@bulkan bulkan closed this Feb 15, 2013
@dpinna13

Hi Bulkan,
I'm interested in request the same functionality. In 'Requests' it's possible to do a GET request and avoiding to verify the validity of the ssl certificate. ( http://docs.python-requests.org/en/latest/user/advanced/#ssl-cert-verification )

This will allow to unblock test execution when dealing with unsigned ssl certificate in development servers etc.

Thanks

@bulkan bulkan reopened this Mar 26, 2013
@bulkan bulkan added a commit that referenced this issue Mar 27, 2013
@bulkan setting SSL certificate validation on/off
relates to #5
ed64e8a
@bulkan
Owner
bulkan commented Mar 27, 2013

Hi @dpinna13

I've just added this support. By default I've set SSL verification to False.

If you look in the testcase.txt file there is a sample. To Create Session pass in verify=True to let requests verify the SSL cert.

Hope this helps.

Cheers

@bulkan bulkan closed this Mar 27, 2013
@mikelee84

Hi @bulkan
Sorry for not commenting on this bug earlier.
I have just made an upgrade to the library. In the keywords.py file, I have noticed this:

**cant pass these into the Session anymore
self.timeout = timeout
self.cookies = cookies
self.verify = verify

Any idea why can't these variables be passed into the session? Without actually passing in the verify variable into the session, I am getting the SSL error even with SSL verification is set to False:
"SSLError: [Errno 1] _ssl.c:490: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed"

The only workaround right now is for me to changed the Request library file itself, (models.py) on Line 124:
FROM:
#: SSL Verification.
self.verify = verify
TO:
#: SSL Verification.
self.verify = False

Any comments? From what I can see, it seems the verify variable cannot be passed to the Request library.

@bulkan
Owner
bulkan commented Mar 27, 2013

@mikelee84 by default verify is set to False on the request.session object that is created when Create Session is called.

http://docs.python-requests.org/en/latest/api/#sessionapi

@techkarma

Sorry to revive this thread, but was this issue resolved? I wrote a test script in both robot framework using this library and in python directly using the requests lib. When using python, I have to explicitly set verify=False:

http://www.python-requests.org/en/latest/user/advanced/#ssl-cert-verification
states "By default, verify is set to True."

If I use robotframework-requests, the test consistently fails, regardless of how verify is set. So it seems that False is not being passed in. Can we re-open this bug?

@bulkan
Owner
bulkan commented Sep 3, 2013

@techkarma all good. Yes we can open the issue again.

@bulkan bulkan reopened this Sep 3, 2013
@techkarma

Cool - thanks! I went into the source library on my local machine and experimentally changed the get call to include the verify parameter:

was:
resp = session.get("%s/%s" % (self.url, uri.strip('/')),
headers=headers,
cookies=self.cookies, timeout=self.timeout)

changed to:
resp = session.get("%s/%s" % (self.url, uri.strip('/')),
headers=headers,
cookies=self.cookies, timeout=self.timeout, verify=self.verify)

With that, the get call is now working for me, so it looks like, perhaps, that just needs to be added to the session calls.

Thanks!

@bulkan
Owner
bulkan commented Sep 3, 2013

@techkarma awesome. Can you try the following instead and run your tests

s.verify = self.builtin.convert_to_boolean(verify)

add that line at line:45 in keywords.py

https://github.com/bulkan/robotframework-requests/blob/master/src/RequestsLibrary/keywords.py#L45

@bulkan bulkan added a commit that referenced this issue Sep 4, 2013
@bulkan pass the verify argument to the session object
need to convert argument to boolean as RF parsers everything as
strings

see #5
27845eb
@techkarma

@bulkan Just FYI, I removed my mod and added your recommendation (s.verify=...) and that worked. Thanks again for the quick reply (and useful library).

@bulkan
Owner
bulkan commented Sep 4, 2013

@techkarma Awesome thanks for your help in testing. I'll update the version in PyPI later so that you can just do

pip install robotframework-requests -U

@jaz1988
jaz1988 commented Sep 9, 2013

Hi, this does not work if the certificate is a self-signed certificate?

@bulkan
Owner
bulkan commented Sep 9, 2013

@jaz1988 can you please try passing in the path to your cert file see http://www.python-requests.org/en/latest/user/advanced/#ssl-cert-verification

For example in the tests here

change verify=true to something like the following;

Post with self signed cert

    Create Session    httpbin    https://httpbin.org   verify=${CURDIR}${/}cert.pem
@jaz1988
jaz1988 commented Sep 10, 2013

Hi thanks for the quick reply, i have yet to try it with the cert file, will update here once its done!

@hztony
hztony commented Sep 10, 2013

I am a test engineer .
I'd like to find new tools and try ^_^

------------------ 原始邮件 ------------------
发件人: "jaz1988";notifications@github.com;
发送时间: 2013年9月10日(星期二) 中午11:32
收件人: "bulkan/robotframework-requests"robotframework-requests@noreply.github.com;

主题: Re: [robotframework-requests] To have the ability to use SSL withoutverifying certificates (#5)

Hi thanks for the quick reply, i have yet to try it with the cert file, will update here once its done!


Reply to this email directly or view it on GitHub.

@hztony
hztony commented Sep 10, 2013

20130910 16:51:19.964 : TRACE : Arguments: [ {u'total': 1, u'code': 200, u'data': [{u'oob_port': None, u'minor_type': None, u'name': u'VMware Virtual Platform', u'gmt_create': None, u'id': 1, u'frame_width': None, u'unit_size': None, u'oob_type': None, u'alias': None, u'frame_height': None, u'device_type': 0, u'serial_port': None, u'gmt_modify': None, u'port_rate': None, u'device_brand_id': 1}], u'success': True} | 200 ]
20130910 16:51:19.964 : TRACE : Return: None

HOW can I get the DISC content .For example u'id': 1 ?

------------------ 原始邮件 ------------------
发件人: "jaz1988";notifications@github.com;
发送时间: 2013年9月10日(星期二) 中午11:32
收件人: "bulkan/robotframework-requests"robotframework-requests@noreply.github.com;

主题: Re: [robotframework-requests] To have the ability to use SSL withoutverifying certificates (#5)

Hi thanks for the quick reply, i have yet to try it with the cert file, will update here once its done!


Reply to this email directly or view it on GitHub.

@bulkan
Owner
bulkan commented Sep 18, 2013

@jaz1988 were you able to test with the cert file ?

@jaz1988
jaz1988 commented Sep 19, 2013

Hi, I didn't manage to obtain the cert file from my company, but they provided me with an address that is not self signed.

@bulkan
Owner
bulkan commented Sep 19, 2013

@jaz1988 ok cool. ill close this issue. you're welcome to open it later 👍

@bulkan bulkan closed this Sep 19, 2013
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment