Enable javascript in your browser for better experience. Need to know to enable it? Go here.
Blogs Banner

Twist 2.5: Support for testing Secure sites

Twist 2.5 has greatly improved support for testing secure web applications using the Sahi driver. Testing secure sites with Sahi has not always been a pleasure. It involved accepting the Sahi generated certificates for each of the secure sites that your application loads resources from.

For example, if your application at https://example.com had jQuery loaded from the Google CDN, a bunch of images from your company's CDN and Twitter bootstrap hosted on Github, you would end up adding Sahi generated certificates for the following domains:

This is harder if you are doing Continuous Integration and you have a number of environments where your tests are executed. This has been an issue that Twist users wanted us to solve and we are happy to announce that we have significantly improved this experience.

From Twist 2.5 onwards, Twist adds it's certificate to your system the moment you create a Sahi project. This certificate is a Certificate Authority (CA) certificate and every single certficate generated by Sahi for various domains will be automatically signed with the TWist certificate. The implication of this is that you no longer have to accept any of the certificates for the individual domains from which your application loads resources from.

Creating a project

When you create a new Sahi project on your development box, Twist tries to install it's CA certificate. Since this is an action that needs Administrative privileges, your Operating System may ask you to authenticate the action using your password.

Once the project is created, testing any secure web application is easy and you don't have to do anything additional.

The next time you create a project, since you already have the CA certificate Twist will not attempt to install it again.

CI environments

This new release also makes it easier to execute the tests on Continuous Integration environments. Instead of having to accept each of the individual certificates, you can install the CA certificate.

The certificate twist-ca.crt can be found under the sahi/userdata directory in your project's base directory. This can be installed using the following utilities:

Mac OS X

You can install the certificate using the security utility.

security add-certificate twist-ca.crt security add-trusted-cert twist-ca.crt


You can install the certificate using the certutil.exe utility.

certutil.exe -addstore -user root twist-ca.crt


You can install the certificate using certutil

certutil -A -d sql:~/.pki/nssdb -t C -n "Certificate Common Name" -i twist-ca.crt



On Linux distributions, the certutil utility does not come pre-packaged. you will need to install it from Mozilla.


If you are testing only on Firefox, you will not have to install the CA certificate on any of the environments. This is because Twist launches Firefox withe a profile that already contains the certificate.

Twist 2.5 also includes improvements to share data between workflows, explore fixtures and collate verification failures without halting the scenario.

Try Twist now to improve test automation and fine-tune your CD process.

Disclaimer: The statements and opinions expressed in this article are those of the author(s) and do not necessarily reflect the positions of Thoughtworks.

Keep up to date with our latest insights