Burp Suite User Forum

Create new post

How can I intercept traffic on iOS 10?

Vinicius | Last updated: Dec 07, 2016 03:53AM UTC

Always when I try to intercept traffic from some specific Apps on iOS 10 I get the error below. The client failed to negotiate an SSL connection to graph.facebook.com:443: Received fatal alert: unknown_ca I did some research and I came across to this article: https://nabla-c0d3.github.io/blog/2015/12/01/burp-ios9-ats/ It says that I need to generate a 2048 bits certificate and private key in order to intercept traffic on iOS 9, I'm not sure if the same applies to iOS 10. What would be the easiest way to generate that certificate? Or is there any easier solution to intercept traffic on iOS 10?

Liam, PortSwigger Agent | Last updated: Dec 07, 2016 09:46AM UTC

Hi Vinny Thanks for your message. Generating the certificate might solve your issue. However, some native apps use their own certificate trust store, and some implement certificate pinning to only trust specific server-side certificates. In this situation, breaking the SSL tunnel is non-trivial and may entail jailbreaking the device or using some other advanced tools. Have you tried using the NoPE extension? - https://github.com/summitt/Burp-Non-HTTP-Extension

Burp User | Last updated: Feb 25, 2017 09:33AM UTC

Same issue. Any help is much appreciated. HTTP Traffic - Able to intercept HTTPS Traffic - Even a browser one (after installing Burp CA on IOS), not able to intercept Native apps - Oh yes, the pinning issue should be taken into account. But for non pinned apps and direct HTTPS traffic on a browser, no luck :(

Liam, PortSwigger Agent | Last updated: Feb 27, 2017 10:42AM UTC

Hi Chin Thanks for your message. Which browser are you using? Have you tried using the devices native browser?

Burp User | Last updated: Mar 30, 2017 04:00PM UTC

Had the same issue. even creating my own ca as described above did not help. What did finally let my intercept my https traffic again: On some versions of iOS you may need to go to "Enable Full Trust for the PortSwigger CA". You can configure this setting at Settings > General > About > Certificate Trust Settings . https://support.portswigger.net/customer/portal/articles/1841109-installing-burp-s-ca-certificate-in-an-ios-device it definitely has to be in a more prominent place than the bottom of that page

Liam, PortSwigger Agent | Last updated: Mar 31, 2017 08:12AM UTC

Hi Schmidan Thanks for your message. This setting has only recently been implemented. We'll make this more prominent in our documentation in due course.

Burp User | Last updated: Jun 19, 2017 12:25AM UTC

Hi Guys, I have added the cert and can see that the cert shows as a CA. I can proxy traffic on http and on some https sites however when I view the trusted certificate settings on the iOS, the portswigger cert is available. There are no certificates that I can approve as trusted. I am using iOS 10.3.2. When I navigate through our test app, I get a message that the certificate is invalid and generally warns of a potential mitm attack. Any help on how this can be rectified?

PortSwigger Agent | Last updated: Jun 19, 2017 08:27AM UTC

Hi Chris, Thanks for getting in touch. So you can access HTTPS sites using the browser, but the app doesn't accept the certificate? It sounds like the app is doing certificate pinning. This can be tricky to get around. If you have a jailbroken device, you can use Burp Mobile Assistant: - https://portswigger.net/burp/help/mobile_testing_using_mobile_assistant.html

PortSwigger Agent | Last updated: Jul 11, 2017 02:20PM UTC

Hi Vinny, There general approach in this case is to set up your testing laptop as a wireless access point and have the device connect to it. That gives you full control of the traffic. I just had a quick look for a third party tutorial that explains this and haven't found one. I'm sure I've see one before - it's a common technique - so you should find one if you keep looking. Please let us know if you need any further assistance.

Burp User | Last updated: Nov 28, 2018 12:57PM UTC

Hi Another big problem intercepting iOS apps is webviews, which ignore proxy settings and just go pass the burp. :-( Any good idea how to deal with this assuming Mobiel Assistant (a jailbroken phone) is a no go. Thanks!

Burp User | Last updated: Feb 28, 2019 07:44AM UTC


Liam, PortSwigger Agent | Last updated: Mar 01, 2019 12:05PM UTC

Soumya, is the error message in Burp's Event log?

Burp User | Last updated: Jul 03, 2019 03:27PM UTC

I am using iOS version 12.2. I have installed burp certificate & Enabled Full Trust for the PortSwigger CA". I can easily intercept the internet browsing( http & https both) but I am unable to intercept the application(xyz) traffic & can browse the application(xyz) easily when intercept is on. Please suggest what needs to done?. I am getting an error saying FAIL TO CONNECT TO application(xyz) P.S.: the application(xyz) is already verified.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.