Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Burp not regenerate Certificate / doesn't intercept https with error: no cipher suites in common

Behroozfar | Last updated: Jun 15, 2020 04:43PM UTC

Hi I'm using Burp pro 2020.4.1 jar file in windows 7 64bit with java version 11.0.7 2020-04-14 LTS Everything is work fine in running burp, but when i wanted to configure burp and my browser and my android (v 4.4) to get https requests, i noticed that burp has no certificates. when i tried to export certificate, i got nullPointerException error. and when i tried to export cer from burp page on browser, i got the der file with 0kb size and thus no certificate. i tried to regenerate the certificate and nothing changed. everything was similar to above notes. i tried to import my own certificate into burp and that was successful. my burp has certificate now and it knows that and can export it with success. but when it comes to use that, it fails. i configure my android rightly and install certificate on it with success, but when i try to intercept https requests, i got this error everytime: The client failed to negotiate a TLS connection to (Adress):443: no cipher suites in common. i got this error with testing on browser too. Seems burp can't use some java security libraries, if i'm not wrong. I test with other java versions too, with no success. (8, 9, 11, 14) Any Help?

Ben, PortSwigger Agent | Last updated: Jun 16, 2020 12:55PM UTC

Hi, Just to clarify, you have not been able to install the Burp CA Certificate on your browser in Android? When you have your configuration setup are you able to successfully browse to HTTP sites and observe the traffic in Burp (http://scratchpads.eu is a good site to use to test this)? If so, are you able to access the http://burpsuite site in your browser and and obtain the Burp CA certificate from there?

Behroozfar | Last updated: Jun 19, 2020 12:50AM UTC

I installed burp certificate on my Android successfully and with no problem. I installed it on my chrome in windows successfully too. But i couldn't intercept TLS requests and get the above-mentioned error. I don't have any problem with http requests. Notice that i can't get any certificate if i test Regenerate certificate option and get nullpointerExeptin and i have to import my certificate. I can got certificate from butp main page, but its size is zero if Buro had generateed it.

Ben, PortSwigger Agent | Last updated: Jun 19, 2020 11:11AM UTC

Hi, Are you able to take some screenshots or a video of this behavior and send it in an email to us at support@portswigger.net so that we can see exactly what is happening?

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.