ERROR:ssl_client_socket_openssl.cc(1158)] handshake failed with ChromeDriver Chrome browser and Selenium

You get this error when the browser asks you to accept the certificate from a website. You can set to ignore these errors by default in order avoid these errors.

For Chrome, you need to add --ignore-certificate-errors and --ignore-ssl-errors ChromeOptions() argument:

options = webdriver.ChromeOptions()
options.add_argument('--ignore-certificate-errors')
options.add_argument('--ignore-ssl-errors')
driver = webdriver.Chrome(chrome_options=options)

For the Firefox, you need to set accept_untrusted_certs FirefoxProfile() option to True:

profile = webdriver.FirefoxProfile()
profile.accept_untrusted_certs = True
driver = webdriver.Firefox(firefox_profile=profile)

For the Internet Explorer, you need to set acceptSslCerts desired capability:

capabilities = webdriver.DesiredCapabilities().INTERNETEXPLORER
capabilities['acceptSslCerts'] = True
driver = webdriver.Ie(capabilities=capabilities)

This error message...

[ERROR:ssl_client_socket_openssl.cc(855)] handshake failed; returned -1, SSL error code 1, net_error -100

...implies that the handshake failed between ChromeDriver and Chrome Browser failed at some point.

Root Cause Analysis

This error is generated due to net::SSLClientSocketImpl::DoHandshake and net::SSLClientSocketImpl implemented in ssl_client_socket_impl.cc net::SSLClientSocketImpl::DoHandshake as follows:

int SSLClientSocketImpl::DoHandshake() {
  crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);
  int rv = SSL_do_handshake(ssl_.get());
  int net_error = OK;
  if (rv <= 0) {
    int ssl_error = SSL_get_error(ssl_.get(), rv);
    if (ssl_error == SSL_ERROR_WANT_CHANNEL_ID_LOOKUP) {
      // The server supports channel ID. Stop to look one up before returning to
      // the handshake.
      next_handshake_state_ = STATE_CHANNEL_ID_LOOKUP;
      return OK;
    }
    if (ssl_error == SSL_ERROR_WANT_X509_LOOKUP &&
    !ssl_config_.send_client_cert) {
      return ERR_SSL_CLIENT_AUTH_CERT_NEEDED;
    }
    if (ssl_error == SSL_ERROR_WANT_PRIVATE_KEY_OPERATION) {
      DCHECK(ssl_config_.client_private_key);
      DCHECK_NE(kSSLClientSocketNoPendingResult, signature_result_);
      next_handshake_state_ = STATE_HANDSHAKE;
      return ERR_IO_PENDING;
    }
    OpenSSLErrorInfo error_info;
    net_error = MapLastOpenSSLError(ssl_error, err_tracer, &error_info);
    if (net_error == ERR_IO_PENDING) {
      // If not done, stay in this state
      next_handshake_state_ = STATE_HANDSHAKE;
      return ERR_IO_PENDING;
    }
    LOG(ERROR) << "handshake failed; returned " << rv << ", SSL error code "
           << ssl_error << ", net_error " << net_error;
    net_log_.AddEvent(
    NetLogEventType::SSL_HANDSHAKE_ERROR,
    CreateNetLogOpenSSLErrorCallback(net_error, ssl_error, error_info));
  }
  next_handshake_state_ = STATE_HANDSHAKE_COMPLETE;
  return net_error;
}

As per ERROR:ssl_client_socket_openssl.cc handshake failed the main issue is the failure of handshake when ChromeDriver handshakes with SSL pages in Chrome. Though Chromium team conducts test for SSL handshake through net_unittests, content_tests, and browser_tests but were not exhaustive. Some usecases are left out relying on the upstream tests.

Conclusion

This error won't interupt the execution of your Test Suite and you can ignore this issue for the time being till it is fixed by the Chromium Team.