Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

certificate_unknown

Robert | Last updated: May 11, 2018 03:39PM UTC

I have an iOS app I'm testing on an iPhone 5c running iOS 10.3.3. The Burp certificate is correctly installed on the device as I'm able to see https web requests and https app requests from other applications within Burp without issue. When I launch the target app I receive "The client failed to negotiate an SSL connection to <client>.com:443: Received fatal alert: certification_unknown" in Burp alerts window. Within the app I receive an NSURLErrorDomain error code of -1200. In Burp I have the following set: project options -> SSL -> SSL Protocols -> All enabled project options -> SSL -> SSL Ciphers -> All enabled project options -> SSL -> SSL Negotiation Workarounds -> Automatically select compatible SSL parameters on negotiation failure project options -> SSL -> SSL Negotiation Workarounds -> Allow unsafe renegotiation (required for some client certificates) user options -> SSL -> Java SSL Options -> Enabled algorithms blocked by Java security policy Under C:\Program Files\BurpSuitePro\jre\lib\security I have replaced the local_policy.jar and US_export_policy.jar with the export controlled versions. Any ideas? The client has informed me cert pinning is not implemented in the target app under test.

Liam, PortSwigger Agent | Last updated: May 11, 2018 03:55PM UTC