Cypress - 403 Forbidden Error When Visiting Main Site

I am trying to cy.visit() my single page application that requires my certificate loaded in the browser to run correctly. When running a test, it fails with a 403 forbidden error.

Solution 1:

httpProxy.createProxyServer({
target: {
protocol: 'https:',
host: 'my-domain-name',
port: 443,
pfx: fs.readFileSync('path/to/certificate.p12'),
passphrase: 'password', },
changeOrigin: true,
}).listen(4440);

Answer :

Add a http proxy server and append the PKI on outgoing requests so say you set the proxy to listen to localhost:4440 so now you are doing cy.visit(http://localhost:4440). The proxy forwards the visit() request to the host:'my-domain-name' and appends the PKI.

For some reason whatever Cypress is doing under the hood prevents the Cypress browser from loading/forwarding on the PKI cert. You will probably also need to install the cert on your execution server db using cert utils https://www.systutorials.com/docs/linux/man/1-certutil/. The CY electron browser will automatically load a cert that is installed on the db so it is important you only ever have certs on there that have permissions to access the application under test. This can all be done in Ansible when wanting to run in a CI pipeline. Was a painful set up and involved some team effort and a great dev who enjoys getting involved in test. Cypress has turned out to be worth all the effort so would deff hope you reconsider using if you haven't already solved it by now.