Twist 2.5 has greatly improved support for testing secure web applications using the Sahi driver. Testing secure sites with Sahi has not always been a pleasure. It involved accepting the Sahi generated certificates for each of the secure sites that your application loads resources from.
For example, if your application at https://example.com had jQuery loaded from the Google CDN, a bunch of images from your company's CDN and Twitter bootstrap hosted on Github, you would end up adding Sahi generated certificates for the following domains:
This is harder if you are doing Continuous Integration and you have a number of environments where your tests are executed. This has been an issue that Twist users wanted us to solve and we are happy to announce that we have significantly improved this experience.
From Twist 2.5 onwards, Twist adds it's certificate to your system the moment you create a Sahi project. This certificate is a Certificate Authority (CA) certificate and every single certficate generated by Sahi for various domains will be automatically signed with the TWist certificate. The implication of this is that you no longer have to accept any of the certificates for the individual domains from which your application loads resources from.
Creating a project
When you create a new Sahi project on your development box, Twist tries to install it's CA certificate. Since this is an action that needs Administrative privileges, your Operating System may ask you to authenticate the action using your password.
Once the project is created, testing any secure web application is easy and you don't have to do anything additional.
The next time you create a project, since you already have the CA certificate Twist will not attempt to install it again.
This new release also makes it easier to execute the tests on Continuous Integration environments. Instead of having to accept each of the individual certificates, you can install the CA certificate.
The certificate twist-ca.crt can be found under the sahi/userdata directory in your project's base directory. This can be installed using the following utilities:
Mac OS X
You can install the certificate using the security utility.
You can install the certificate using the certutil.exe utility.
certutil.exe -addstore -user root twist-ca.crt
You can install the certificate using certutil
certutil -A -d sql:~/.pki/nssdb -t C -n "Certificate Common Name" -i twist-ca.crt
On Linux distributions, the certutil utility does not come pre-packaged. you will need to install it from Mozilla.
If you are testing only on Firefox, you will not have to install the CA certificate on any of the environments. This is because Twist launches Firefox withe a profile that already contains the certificate.
Thoughtworks acknowledges the Traditional Owners of the land where we work and live, and their continued connection to Country. We pay our respects to Elders past and present. Aboriginal and Torres Strait Islander peoples were the world's first scientists, technologists, engineers and mathematicians. We celebrate the stories, culture and traditions of Aboriginal and Torres Strait Islander Elders of all communities who also work and live on this land.
As a company, we invite Thoughtworkers to be actively engaged in advancing reconciliation and strengthen their solidarity with the First Peoples of Australia. Since 2019, we have been working with Reconciliation Australia to formalize our commitment and take meaningful action to advance reconciliation. We invite you to review our Reconciliation Action Plan.