Error: net::ERR_BAD_SSL_CLIENT_AUTH_CERT

This issue has been tracked since 2022-07-17.

Describe the bug
I've extended the docker file to install a couple of certificates and a chrome policy to auto accept them. When I run code from the live browserless web console I am able to use them. However when I connect remotely I get Error: net::ERR_BAD_SSL_CLIENT_AUTH_CERT.

Dockerfile:

# Select Base Image
FROM browserless/chrome

# Install Additional Packages for certs
USER root
RUN apt update && apt-get install -yq libnss3-tools

# Force Install Chrome
RUN wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb
RUN dpkg -i google-chrome-stable_current_amd64.deb

# Install Chrome Policies
RUN mkdir -p /etc/opt/chrome/policies/managed
COPY policy.json /etc/opt/chrome/policies/managed

# Create Cert Database
USER blessuser
RUN mkdir -p /home/blessuser/.pki/nssdb
RUN certutil -d sql:/home/blessuser/.pki/nssdb -N

# Copy Certs to Container
COPY cert_id.pfx /home/blessuser/certs/cert_id.pfx
COPY cert_enc.pfx /home/blessuser/certs/cert_enc.pfx

# Install Certs
RUN pk12util -i /home/blessuser/certs/cert_id.pfx -W "aPassword" -d sql:/home/blessuser/.pki/nssdb
RUN pk12util -i /home/blessuser/certs/cert_enc.pfx -W "aPassword" -d sql:/home/blessuser/.pki/nssdb

# Start Browserless
EXPOSE 3000
CMD ["/usr/src/app/start.sh"]

To Reproduce
Steps to reproduce the behavior:
Working:

  1. Go to web console - in my case 10.10.10.4:7080
  2. Run Code
export default async ({ page }: { page: Page }) => {
  await page.goto('https://asite.com/teams/api/oauth/login?loginType=certificate');
    await page.evaluate(() => { debugger; });
};
  1. Certs are auto selected and show my user to select

Not Working:

  1. Create a test.js file with the following code
const puppeteer = require('puppeteer');

(async () => {
    const browser = await puppeteer.connect(
        {
            "browserWSEndpoint": "ws://10.10.10.4:7080",
            "ignoreHTTPSErrors": true,
            "headless": false,
            "args": [
                "--ignore-certificate-errors",
                "--ignore-certificate-errors-spki-list",
            ],
        }
    )
    const page = await browser.newPage();
    await page.goto('https://asite.com/teams/api/oauth/login?loginType=certificate')
    await page.screenshot({ path: 'example.png' })

    await browser.close()

})();
  1. Error
/Users/typkrft/node_modules/puppeteer/lib/cjs/puppeteer/common/FrameManager.js:194
                    ? new Error(`${response.errorText} at ${url}`)
                      ^

Error: net::ERR_BAD_SSL_CLIENT_AUTH_CERT at https://asite.com/teams/api/oauth/login?loginType=certificate
    at navigate (/Users/typkrft/node_modules/puppeteer/lib/cjs/puppeteer/common/FrameManager.js:194:23)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
    at async FrameManager.navigateFrame (/Users/typkrft/node_modules/puppeteer/lib/cjs/puppeteer/common/FrameManager.js:170:21)
    at async Frame.goto (/Users/typkrft/node_modules/puppeteer/lib/cjs/puppeteer/common/FrameManager.js:589:16)
    at async Page.goto (/Users/typkrft/node_modules/puppeteer/lib/cjs/puppeteer/common/Page.js:1089:16)
    at async /Users/typkrft/Code/Git/browserless/test.js:16:5

Node.js v18.3.0

Expected behavior
Auto Accepts so that I can continue the login process. Or in this specific case take a screenshot

Screenshots
NA

Desktop (please complete the following information):

  • OS: Browserless Container on Docker version 20.10.17, build 100c701 running on Fedora 36
  • Running Code Remotely from macOS 12.4 (21F79)

Additional context
Unfortunately I am unable to provide certs or the exact site.

More Details About Repo
Owner Name browserless
Repo Name chrome
Full Name browserless/chrome
Language TypeScript
Created Date 2017-11-17
Updated Date 2023-03-22
Star Count 5309
Watcher Count 47
Fork Count 516
Issue Count 29

YOU MAY BE INTERESTED

Issue Title Created Date Updated Date

Popular Frameworks
Programming Languages

Copyright © Codesti | Contact