SSL Issues

Handshake failure

symptom When connecting to a HTTPS site, any browser opened from the Sahi Dashboard fails to connect, with an error message Received fatal alert: handshake_failure. Sahi can not connect to the desired URL.
resolution Check if you are able to connect to https://www.google.com via Sahi.

If not, then look at the instructions given here.

If you could access https://www.google.com, but not your other sites, follow what is given below. The fact that you could connect to https://www.google.com means that the Sahi SSL mechanism itself is working fine.

It is possible that these servers have certificates with a weaker algorithm. To fix it, please do the following:
  1. See what your java path is from the Controller->Info tab. You should see something like this:
    Java Installed Directory: D:\Dev\Programs\jdk8\jre
  2. Open <jre_dir>/lib/security/java.security file in a text editor. (In our case, it is D:\Dev\Programs\jdk8\jre\lib\security\java.security)
  3. Look for jdk.certpath.disabledAlgorithms. In our case, it looks like:
    jdk.certpath.disabledAlgorithms=MD2
  4. Comment it out, so that it looks like this:
    #jdk.certpath.disabledAlgorithms=MD2
  5. Restart Sahi, and check again.

Certificate revocation error in Google Chrome

symptom Connecting to any HTTPS site from Google Chrome browser fails to connect, with an error message NET::ERR_CERT_NO_REVOCATION_MECHANISM.
resolution Sahi creates a dummy certificate for an HTTPS connection between the browser and Sahi. If Google Chrome performs its certificate revocation checking, this error occurs. To fix it, do the following:
  1. Open the Registry Editor in Windows. Go to HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome.
  2. Set the value as 0 for RequireOnlineRevocationChecksForLocalAnchors key of type REG_DWORD. Create this key if it does not exist.