- Getting Started with Selenium for Automated Website Testing
- Getting Started with Appium for Mobile Native Application Testing
- Selenium Bootcamp by Dave Haeffner
- Appium Bootcamp by Dave Haeffner and Matthew Edwards
Why Do My Tunnels Fail To Start After Upgrading to Sauce Connect 4.5.2 and Higher?
Starting in Sauce Connect 4.5.2, the CONNECT request is done using an IP address rather than a Sauce Labs DNS name. This change allows Sauce Labs to add tunnel capacity more quickly. If your network has firewall/proxy rules that reference Sauce Labs DNS names (like *.miso.saucelabs.com), those rules should be changed to whitelist the Sauce Labs IP Address range (see below for the IP Address range). If you use a PAC file, there was a fix in Sauce Connect 4.5.3 that allows you to continue to use DNS names in the PAC file, but only if you use the Sauce Connect command-line option --proxy-tunnel (or -T).
What Outbound Ports Do I Need Open for Sauce Connect Proxy?
Ports 443 and 80 are required for communicating with Sauce labs and are not configurable. In addition to these, Sauce Connect Proxy requires a localhost port for the Selenium relay (see --se-port for details) and SCProxy (see --scproxy-port for details) to use, both of which are configurable.
Can I Share a Tunnel Between Multiple Accounts?
Yes, to do so start a tunnel with the --shared-tunnel flag to grant the tunnel owner's sub-accounts access. Then, the sub-account will need to specify the parent tunnel in the desired capabilities of their test in order to use the tunnel (see Shared Tunnels in test configuration options for details).
What Firewall Rules Do I Need?
Sauce Connect 4.5.1 and lower: Sauce Connect Proxy needs to make outbound connections to saucelabs.com and *.miso.saucelabs.com on port 443 for the REST API and the primary tunnel connection to the Sauce cloud.
Sauce Connect 4.5.2 and higher: Sauce Connect Proxy needs to make outbound connections to saucelabs.com and the IP ranges listed below on port 443 for the REST API and the primary tunnel connection to the Sauce cloud.
- Verifying the SSL certificate in use may require an outbound connection on ports 443 and 80 to *
.symcd.com and/or *.symcb.com(e.g. g.symcd.com and gs.symcb.com)
- Sauce Connect Proxy can optionally create tunnels through a web proxy.
What IP Addresses Does Sauce Connect Proxy Use to Communicate with Sauce Labs?
188.8.131.52/21(this is equivalent to the range
184.108.40.206 – 220.127.116.11)
18.104.22.168/21(this is equivalent to the range
22.214.171.124 - 126.96.36.199)
188.8.131.52/22(this is equivalent to the range
184.108.40.206 - 220.127.116.11)
For saucelabs.com certificate authentication, the server hosting Sauce Connect may need to connect to Online Certificate Status Protocol (OCSP) or Certificate Revocation List (CRL) services as well. Check out Sauce Connect Certificate Handling for more info.
I Have Verbose Logging On, but I'm Not Seeing anything in stdout. What Gives?
The --verbose flag increases the logging level of Sauce Connect Proxy but does not alter where it is sent. To send all logging to stdout, set a value of '-' for the --logfile command (EG. '--logfile -') when starting Sauce Connect Proxy. See the section on Generating Logs for Troubleshooting in Troubleshooting Sauce Connect Proxy for more information.
How Can I Use Sauce Connect Proxy to Test Graceful Degradation?
You can use the --fast-fail-regexps command line option to drop requests that fit a description altogether. You could use it to simulate non-loading of scripts, styles, or other resources.
This flag can contain a list of regex that will match the domain that wants to be blocked.
- google.com and any subdomain of google.com
- any subdomain of facebook.com but not facebook.com
Can I Access Applications on localhost?
When using Sauce Connect Proxy, local web apps running on commonly-used ports are available to test at localhost URLs, just as if the Sauce Labs cloud were your local machine.
However, because an additional proxy is required for localhost URLs, tests may perform better when using a locally-defined domain name (which can be set in your hosts file) rather than localhost. Using a locally-defined domain name also allows access to applications on any port.
Android Ports and Sauce Connect
On Android devices, ports 5555 and 8080 cannot be used with Sauce Connect Proxy
Microsoft Edge, Chrome 71+ and the Safari browser on OS X 10.10+ and mobile iOS 8+ proxies these common ports:
80, 443, 888,
2000, 2001, 2020, 2109, 2222, 2310,
3000, 3001, 3010, 3030, 3210, 3333,
4000, 4001, 4201, 4040, 4321, 4502, 4503, 4567,
5000, 5001, 5002, 5050, 5555, 5432,
6000, 6001, 6060, 6666, 6543,
7000, 7070, 7774, 7777,
8000, 8001, 8003, 8031, 8080, 8081, 8443, 8765, 8777, 8888,
9000, 9001, 9031, 9080, 9081, 9090, 9191, 9876, 9877, 9999,
If you're testing on Edge or Safari and need a different port, please let us know! We do our best to support ports that will be useful for many customers, such as those used by popular frameworks.
If We Have Five Users, Can We Use Five instances of Sauce Connect Proxy, or Do We Have to Set Up One Shared Instance?
Feel free to use either, even if you only have one Sauce account! If you do decide to use five separate instances, you will need to create unique identifiers for each. You can also create sub-accounts that each have their own individual access keys.
What is SCProxy?
Scproxy is a built-in http proxy in SC, all requests/responses between the browsers running the selenium test and the web servers pass through it. Since it's only used internally in SC, it doesn't matter which port it uses. A free port is allocated dynamically when SC is started.
Can I Split Testing Traffic Across Multiple Sauce Connect Proxy Tunnels?
Sauce Connect Proxy offers some options for high availability that enable multiple Sauce Connect Proxy tunnels to be grouped into a pool that is treated like a single tunnel. This offers several advantages, including the ability to distribute the load of test traffic. Check out High Availability Sauce Connect Proxy Setup for more information.
Why Would We Get Errors Running Tests Through Sauce Connect Proxy On CORS-Enabled Sites?
Cross-Origin Resource Sharing(CORS) errors could be caused by a variety of reasons, but we have found that the following strategies have resolved these issues:
- Make sure that the ulimit/open file limit of your machine is at least 8000, which is the recommend value for Sauce Connect Proxy use
- Start a Sauce Connect instance using the
-Ncommand flags. For more information about what these flags do for your tunnel, please check out the Sauce Connect Command Line Reference.
Why Do My Tests on Android Fail With Certification Errors or Fail to Login?
Because Android 4.4 and 5.0 do not respect the CyberVillains certificate at the system level, all tests on those platforms, including browser and app tests, must disable SSL bumping or else all SSL encryption will fail. This applies to both Android Emulators and Real Devices. For tests on the native Android browser, a certificate error dialog box will pop up warning about certificate issues. On the other hand, app tests might not show this error message since pop up dialog box is dependent on the app itself. App test will fail to authenticate the login due to certificate issue. Android 5.1 has started adding support for the CyberVillains certificate, so you don't have to disable SSL bumping for this version. To disable SSL bumping, add the -B all option when you start a Sauce Connect tunnel.