QA Engineers everywhere woke up today and rolled into the office with the usual dread that Monday morning's bring, only to find out their day just got even worse because all of their selenium driven, automated test suites all came crashing to a halt on Sunday, April 1st 2012. Every test would halt with an SSL Certificate warning message "Error code: sec_error_expired_issuer_certificate".

It took me a 15 minutes of scratching my head, looking at test success history on Friday (when they all passed) and comparing that to any changes in the test suite (there had been none in the last few days). Then it hit me that that the culprit might be that darned CyberVillians' certificate that ships in Selenium. Once that dawned on me, I dug up the selenium-server-2.0.0.jar file, extracted, and checked out the cybervilliansCA.cer in the sslSupport subdirectory.

I had been using Selenium 2.0, which includes its own SSL certificate called cybervillainsCA.cer bundled into the server. It uses that SSL certificate to proxy/intercept the SSL requests to the Application Under Test. Well, apparently that cert has an expiration date of March 31, 2012, and I ran smack into it. This caused all tests to fail because Selenium could not proxy SSL anymore.

To correct the problem, I had to update the Selenium server version to 2.20, which should be good for another 20 years since they had the good sense to make it expire in 2031 this time.

The Selenium Server 2.0 Expired Certificate:

The Selenium Server 2.20 Certificate Valid Until 2031: