Handling SSL Certificate Errors in Chrome WebDriver

Overview

When automating Chrome browsers using Selenium, developers frequently encounter SSL handshake failures. This typically occurs when the target website possesses an invalid, expired, or untrusted security certificate, or when testing against internal environments with self-signed certificates.

The Issue

The browser instance fails to load the target URL, halting the script execution. The console logs frequently report errors originating from ssl_client_socket_impl.cc, indicating a failure to establish a secure connection. The process effectively hangs while attempting to negotiate the TLS handshake.

from selenium import webdriver
from selenium.webdriver.chrome.options import Options as ChromeOptions

# Initial configuration
browser_options = ChromeOptions()
browser_options.add_argument('--start-maximized')
browser_options.add_experimental_option('w3c', False)

# Initializing the driver
driver = webdriver.Chrome(options=browser_options)

# Attempting to navigate
target_url = "https://example.local"
driver.get(target_url)

Error Analysis

The error code net_error -101 (ERR_CONNECTION_RESET) or similar SSL codes suggests that the TLS/SSL handshake could not be completed. Common causes include:

  • Mismatched or Untrusted Certificates: The certificate authority is not recognized by the browser.
  • Expired Certificates: The validity period of the SSL certificate has passed.
  • Insecure Protocols: The server uses obsolete cipher suites or protocols.
  • Network Instability: Intermittent connection drops preventing secure negotiation.

Resolution

To bypass these restrictions during automated testing—where strict security validation is often secondary to functional verification—specific Chrome arguments can be applied to ignore certificate errors. Additionally, excluding certain switches helps reduce console noise and prevents detection.

from selenium import webdriver
from selenium.webdriver.chrome.options import Options as ChromeOptions

def create_driver_instance():
    # Configure browser options
    chrome_prefs = ChromeOptions()
    
    # 1. Ignore SSL/TLS certificate errors
    chrome_prefs.add_argument('--ignore-certificate-errors')
    chrome_prefs.add_argument('--allow-running-insecure-content')
    
    # 2. Suppress automation-related info bars and logs
    chrome_prefs.add_experimental_option('excludeSwitches', ['enable-automation', 'enable-logging'])
    chrome_prefs.add_experimental_option('useAutomationExtension', False)

    # Initialize the WebDriver with modified options
    driver_instance = webdriver.Chrome(options=chrome_prefs)
    driver_instance.maximize_window()
    
    return driver_instance

# Execution
driver = create_driver_instance()
driver.get("https://your-target-site.com")

By adding the --ignore-certificate-errors flag, the Chrome browser is instructed to proceed despite validation failures. Furthermore, suppressing the enable-automation switch removes the "Chrome is being controlled by automated test software" notification, which is useful for stealth requirements.

Tags: Selenium python ssl webdriver automation

Posted on Thu, 28 May 2026 18:58:05 +0000 by Jaguar83

Hot Tags

©2026 Freaks City