Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Burp Suite Proxy with java application

Shkarbatov | Last updated: May 03, 2018 01:54PM UTC

Hi! I have java application that receive proxy settings. 1) I exported der certificate from Burp Suite 2) Imported this certificate to the java keystore with keytool: keytool -import -trustcacerts -file ~/cacert_7.der -alias BURPSUITE -keystore /home/dmitriy/Test/java/lib/security/cacerts -storepass *** 3) Then check adding: keytool -keystore /home/dmitriy/Test/java/lib/security/cacerts -list -storepass *** burp, 03.05.2018, trustedCertEntry, Certificate fingerprint (SHA1): 0A:3E:E0:C0:73:E6:0E:D9:5C:8F:0A:CC:31:E1:33:37:55:2A:85:BF 4) Run my application java -jar Chameleon.jar -Djavax.net.ssl.trustStore=/home/dmitriy/Test/java/lib/security/cacerts -Djavax.net.ssl.trustStorePassword=*** But still receive an error: sun.security.validator.ValidatorException: No trusted certificate found I import this certificate to the browser and it works fine, but I have problem with java file. java -version java version "1.8.0_131" Java(TM) SE Runtime Environment (build 1.8.0_131-b11) Java HotSpot(TM) 64-Bit Server VM (build 25.131-b11, mixed mode)

Liam, PortSwigger Agent | Last updated: May 03, 2018 02:07PM UTC

It looks like you've followed the correct procedure, as detailed in this post: - https://stackoverflow.com/questions/4325263/how-to-import-a-cer-certificate-into-a-java-keystore However, your java arguments are in the wrong order. Your command to run the application should look something like: java -Djavax.net.ssl.trustStore=/home/dmitriy/Test/java/lib/security/cacerts -Djavax.net.ssl.trustStorePassword=*** -jar Chameleon.jar Please let us know if you need any further assistance.

Burp User | Last updated: May 11, 2018 02:44PM UTC

Conversation write next: https://stackoverflow.com/questions/50157307/burp-suite-proxy-with-java-application/50177906?noredirect=1#comment87525858_50177906 Thanks for help!

Burp User | Last updated: May 14, 2018 08:42AM UTC

Unfortunately stackoverflow remove my answer. So I write it hear: Problem was with trustcacerts, this file was inside jar archive. So I get this file from jar import my cert and then move it back and application start. Thanks for help!

alvinoo | Last updated: Aug 29, 2022 03:18AM UTC

How is it possible for me to intercept the traffic

alvinoo | Last updated: Aug 29, 2022 03:27AM UTC

Dhttp.proxyHost=10.0.0.100 -Dhttp.proxyPort=8800 Do i add something like this

alvinoo | Last updated: Aug 29, 2022 06:29AM UTC

java -Djavax.net.ssl.trustStore=/home/dmitriy/Test/java/lib/security/cacerts -Djavax.net.ssl.trustStorePassword=*** -jar Chameleon.jar Hi there, I have perform the following steps but getting javax.net.ssl.SSLPeerunverifiedException

Hannah, PortSwigger Agent | Last updated: Aug 30, 2022 03:45PM UTC