Burp Suite User Forum

Login to post

err_cert_authority_invalid

Marrem | Last updated: Sep 20, 2022 01:12AM UTC

Hello there. I think I did everything right but I still get this error : err_cert_authority_invalid I am using Android 12 - miui13.6.0. I converted the burp certificate to pem. I sent it to my phone's root certificate location. But when I set the proxy, I can't access the internet.I tried chorme, firefox and yandex. But it didn't work. I have google_cacerts folder on my phone. I sent the certificate there too. I had the same problem again. What should I do? I will add screenshots. I'm sure I set everything right.I set my proxy correctly. I deleted all User certificates. I thought maybe it would fix it, I added a user certificate but it still didn't work. When I check safetynet I get "can't access google play" error. But when I turn off the proxy, it gets fixed. I installed android 5.0 on android emulator to try. I got the same error again, but when I clicked the okey button, I was able to enter the site. I am waiting for your help. https://pasteboard.co/NJRdbGJL3W7r.jpg https://pasteboard.co/PTuaD5HaCiJs.jpg https://pasteboard.co/dFhJCSecsGtW.jpg https://pasteboard.co/F3gT5JFSf7lS.jpg (Before sharing this post, I created a pem file again. I deleted everything, then re-sent the certificate. But the result is the same. It didn't work..

Ben, PortSwigger Agent | Last updated: Sep 20, 2022 04:59PM UTC

Hi Marrem, Are you able to provide us with some details of the steps that you have taken to convert the Burp CA certificate? In addition to the above, are you also able to provide us with screenshots of how you have configured the proxy settings (so a screenshot of the Proxy -> Options -> Proxy Listeners section in Burp and a screenshot of your proxy settings on the mobile device)? Finally, if you attempt to proxy a simple HTTP site using your existing configuration (http://example.com is a good site to use for testing purposes) do you see both the traffic in Burp and the site load within the browser or do you still encounter issues with non-HTTPS sites?

Marrem | Last updated: Sep 21, 2022 12:37AM UTC

https://pasteboard.co/Tu2AeFVFkiPt.png https://pasteboard.co/gBiqauwB0qGn.jpg " openssl x509 -inform der -in cacert.der -out burp.pem " I used the above commands to make the certificate sir. Http or https doesn't matter. I'm still getting the same error. Today I created a new device in android emulator. I created a new certificate but it still didn't work. T When I look at the root certificates in my phone's settings menu, I can see the port swigger. It doesn't work on my android 12 physical device and android 5-6 emulator.

Marrem | Last updated: Sep 21, 2022 12:41AM UTC

(Sorry, In the 2nd photo, my proxy port is 8000 on the phone. I misspelled it while typing to take a screenshot. Normally, I write 8080 there.)

Ben, PortSwigger Agent | Last updated: Sep 22, 2022 07:11AM UTC

Hi Marrem, In the first instance, it would be good to make sure that your proxy connection is working correctly and you can proxy simple HTTP traffic (it sounds like this initial step is not working for you) before then trying to resolve the issues that you are experiencing with HTTPS traffic. Can you clarify what you mean when you mention "Http or https doesn't matter. I'm still getting the same error"? If you are trying to proxy an HTTP site then there should not be any certificate involved - what are you seeing when you do try and proxy http://example.com? To confirm a couple of other things - Is your mobile device connected to the same network as the machine that Burp is running on? If you disable the existing proxy listeners that you have configured and create a new one listening on all interfaces and bound to port 8080, does this improve things (the screenshot here illustrates what this should look like - https://pasteboard.co/AedJ4Sar13R6.png)?

You need to Log in to post a reply. Or register here, for free.