Burp community forum

Getting MOZILLA_PKIX_ERROR_MITM_DETECTED when trying to run burp.

Cassandra | Last updated: Apr 25, 2019 09:11PM UTC

Got this error out of nowhere as I had been running burp regularly on firefox without issues earlier in the day. I ran into the same problem on chrome as well. I have deleted the certificate, cleared the cache, unistalled firefox and cleared the profile folder, reinstalled firefox and reinstalled the certificate, and still cannot get past the error. Any insight?

Liam, PortSwigger Agent | Last updated: Apr 26, 2019 03:16PM UTC

This isn't an issue we've encountered previously. Which OS are you using? Which version of Firefox are you using? Do you have any browser extensions installed?

Burp User | Last updated: Apr 29, 2019 03:07PM UTC

I'm using Windows 10 and Firefox version 66.0.3 (64 bit). No browser extensions installed. As I said, it was very weird because it stopped working while I was using it normally. I was able to get a page that allowed me to "accept the risk" after messing with it for a while, but can't get back to it now and when I did accept the risk, the icons on the page were messed up.

PortSwigger Agent | Last updated: Apr 29, 2019 03:27PM UTC

Ok, if this just happened once, I am inclined to write it off as gremlins. If this happens again, please send us your debug ID, which is in User options > Misc > Performance Feedback and we'll investigate further.

Burp User | Last updated: Apr 29, 2019 03:59PM UTC

No, this is a continuous issue that I have not been able to fix as of yet. Debug ID is jiohv13yfye1tghpqhej:fouz

Rose, PortSwigger Agent | Last updated: Apr 29, 2019 04:20PM UTC

We couldn't find any related exceptions for your instance of Burp. Is the application public facing? Do you get the same error message using Chrome?

Burp User | Last updated: Jun 28, 2019 07:38AM UTC

Hello, I am also facing the same issue for https sites. Please let me know if you have found any solution.

Liam, PortSwigger Agent | Last updated: Jun 28, 2019 07:41AM UTC

What issues are you having with HTTPS sites? Do you encounter an error message? Have you installed the Burp CA in your browser?

Burp User | Last updated: Jun 28, 2019 09:35AM UTC

What issues are you having with HTTPS sites? Do you encounter an error message? - In firefox, I am getting this message "Software is Preventing Firefox From Safely Connecting to This Site." Error code: MOZILLA_PKIX_ERROR_MITM_DETECTED Have you installed the Burp CA in your browser? - Yes, I have already installed the certificate. It is working fine in Chrome. So I currently using the Chrome browser for Burp. Mozilla Version: 67.0.4 (64-bit) OS: Windows 10 (64 Bit) Burp Version: Burp Suite Community Edition v1.7.36 (Build 56) Let me know if you require more information.

Liam, PortSwigger Agent | Last updated: Jun 28, 2019 09:38AM UTC

Is the site publicly accessible? Are you having this issue with all HTTPS sites using Firefox?

Burp User | Last updated: Jun 28, 2019 10:03AM UTC

Is the site publicly accessible? - Yes, It is publicly accessible. Are you having this issue with all HTTPS sites using Firefox? - Yes, I have checked with 3-4 sites. Getting the same issue in all the sites.

Liam, PortSwigger Agent | Last updated: Jul 02, 2019 10:21AM UTC

Thanks for the additional information. Could you send the list of sites that you have tested. If this information is sensitive you can email us as support@portswigger.net. Additionally, could you try updating to the latest version of Burp Suite. Thanks.

Burp User | Last updated: Jul 04, 2019 01:36PM UTC

I have updated to lastest version. Burp Suite Community Edition v2.1 Build 385 I am still facing the problem. Here is the list of the URL I have checked. 1. https://www.google.com/ 2. https://www.flipkart.com/ 3. https://www.myntra.com/ I think it is not for any specific URL.

Liam, PortSwigger Agent | Last updated: Jul 08, 2019 07:19AM UTC

We've tried those sites with Burp Community and a variety of Java versions, we haven't encountered any issues. Are you using the platform installer version of Burp? Could you send us a screenshot of the Certificate installed in the Cert Authorities tab (support@portswigger.net)?

Burp User | Last updated: Aug 04, 2019 08:51PM UTC

Hello I had the same issue today, and I searched and tested multiple solutions and nothing worked for me, but I finally found a solution. When I open any URL, the message I receive from FF is about trusting the certification (I forgot the exact message, but it shows before you "Accept the risk"). So I navigated to http://burp, downloaded the certificate and imported it again to FF, and that solved my problem immediately. I hope this help. Peace and happy hunting. Ligeti

Mike, PortSwigger Agent | Last updated: Aug 06, 2019 09:27AM UTC

Hi Ashutosh, have you tried the solution posted by Jalal?

Burp User | Last updated: Sep 29, 2019 03:26PM UTC

MOZILLA_PKIX_ERROR_MITM_DETECTED firefox giving same error for all sites with burp

Burp User | Last updated: Oct 16, 2019 09:52AM UTC

I had this issue with Burp on new OS and my solution was: > Find PortswiggerCA in Certificate Manager > Click "Edit trust" > Ensure that "This certificate can identify websites" is marked. Hope this helps someone.

Burp User | Last updated: Oct 16, 2019 10:14AM UTC

I am also getting the same error @krzysztof i have done the same. Os: win 10 Firefox 69 Burp 2.1.03 Thank you

Burp User | Last updated: Oct 29, 2019 06:49AM UTC

This is definitely a generic change in firefox's behavior. I have never seen it before this year. Typically I use firefox to make sure the proxy is set up correctly, then I test my client (software under test) to make sure it is not fooled by burp. Firefox has completely broken the workflow. Now firefox is asking to add trust to the CA before it will allow an administrative override the way it used to do. I understand the decision- they did this because users can't navigate security dialogs and many of them were actually getting attacked. Sometimes by their governments. The problem at the moment for me is that I have no way to make sure everything is working through one of the browsers and google simply won't accept any unsigned certificates anymore either. Once I accept the portswigger.CA, my client software is SUPPOSED to trust burp. I suppose it's possible to add it and then remove it after I've made sure I have the proxy set up correctly but this is a bit of a painful change when performing proxy testing. I was hoping someone knew some setting in about:preferences for firefox to turn this off for experts. If that was possible we would not need to make it easy to attack people who can't navigate dialogs.

You need to Log in to post a reply. Or register here, for free.