How to make WebDriver trust our internal CAs

[vctqs1anz]

As a result of setting up internal CAs, we have successfully verified the Typesense server by setting the REQUESTS_CA_BUNDLE inside the Docker container. https://www.selenium.dev/documentation/webdriver/

REQUESTS_CA_BUNDLE="/etc/ssl/certs/ca-certificates.crt" 

However, the issue persists when we start crawling a site that is under internal CAs. We receive the following error

Turn on enhanced protection\u003C/a> to get Chrome's highest level of security","errorCode":"net::ERR_CERT_AUTHORITY_INVALID","expirationDate":"May 12, 2025","explanationParagraph":"This server could not prove that it is \u003Cstrong>\u003C/strong>; its security certificate is not trusted by your computer's operating system. This may be caused by a misconfiguration or an attacker intercepting your connection.\

without REQUESTS_CA_BUNDLE points to Typesense server (Request python error)

requests.exceptions.SSLError: HTTPSConnectionPool(host='....................', port=443): Max retries exceeded with url: /collections/oceanblue_k8s_job (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:992)')))

[vctqs1anz]

Alternative way is ignore ssl error, and accept insecure certs but better way is somehow config trust internal CAs

   chrome_options = Options()
            chrome_options.accept_insecure_certs = True
            chrome_options.add_argument('--no-sandbox')
            chrome_options.add_argument('--headless')

            chrome_options.add_argument('user-agent={0}'.format(user_agent))

[vctqs1]

Resolve in here #86