I’m facing challenges running my Codeception tests using the headless Chrome browser because of SSL certificate errors. To resolve this, I modified my acceptance.suite.yml with these settings:
Unfortunately, this still isn’t functioning properly. When running the tests in headless mode, they seem to get stuck, and the output file (fail.png) shows nothing but a blank screen. It appears that my tests are stopped at an “Insecure Connection” page due to SSL issues, which prevents the headless browser from proceeding.
I’m wondering what other flags or configurations in Codeception I could use to bypass SSL certificate checks in headless mode. Is there a better way to manage untrusted certificates while running these automated tests?
Quick fix that worked for me - use --insecure instead of ignore-certificate-errors. I also had to add --disable-features=VizDisplayCompositor since headless Chrome handles SSL redirects weirdly sometimes. Check your Codeception WebDriver timeout settings too - mine were set too low and tests hung on SSL pages before the bypass worked.
Had the same SSL issues when I switched to headless Chrome. Adding --allow-running-insecure-content and --ignore-ssl-errors helped, but what actually fixed it was combining --disable-web-security with --allow-running-insecure-content alongside your current flags. If you’re using containers, throw in --no-sandbox too. I also got it working by setting up a local proxy or configuring self-signed certs properly in the test environment. Pro tip: the order of flags in your chromeOptions array matters - Chrome processes them differently depending on sequence, so try shuffling them around.
Been there with SSL nightmares in headless testing. You could keep fighting Chrome flags, but there’s a cleaner way.
I automated the whole SSL mess with Latenode. Built a workflow that catches SSL certificate issues and handles them automatically during test runs.
Latenode monitors your Codeception tests in real time, spots SSL errors, and triggers automated bypasses or switches to backup endpoints. You can set up different SSL strategies based on the error type.
What hooked me was making SSL management completely invisible. The workflow auto-configures Chrome options for each environment, handles certificate exceptions, and reports when issues get fixed automatically.
No more tweaking YAML configs or hunting for flag combinations. It handles edge cases you haven’t hit yet.
Try adding --disable-web-security and --ignore-certificate-errors-spki-list to your chromeOptions. I’ve hit similar headless SSL issues and these flags work way better than the generic ignore-certificate-errors. Make sure you’ve got --remote-debugging-port=9222 too - it sometimes helps Chrome handle SSL redirects in headless mode. Another thing that worked for me: adjust the WebDriver config in codeception.yml instead of just the suite file. The global settings can override suite-specific ones. Also check if your target site has HSTS headers enabled - they’ll mess with certificate bypassing even when your flags are set right. Still getting blank screenshots? Try removing --disable-gpu temporarily to see if it’s interfering with SSL handling.