Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Import Client SSL Certificates (.CER files)

Tyler | Last updated: Mar 01, 2018 07:06AM UTC

I was trying to load a .CER file into the Client SSL section for the proxy server, however it says it requires a password. Is there any way around this? I tried the Openssl method of setting a custom password except there doesn't seem to be any documentation of .CER files. I'm trying to access a company site that requires a certain certificate and hardware token. The hardware token works just fine though. I'm running Burp Suite Community Edition 1.7.32 on Ubuntu Mate.

PortSwigger Agent | Last updated: Mar 01, 2018 09:44AM UTC

Hi Tyler, Unfortunately, Burp does not support certificates without passwords. You will need to add one using the OpenSSL command line. Burp needs the certificate in PKCS#12 format, which includes both the certificate and private key. If you have the key as well as the .cer file, you can convert it by following these instructions: - https://stackoverflow.com/questions/39091048/convert-cer-to-p12 Please let us know if you need any further assistance.

Burp User | Last updated: May 13, 2018 01:01PM UTC

Client SSL Certificates does not work I added a record in the client SSL certificates configuration user options-> ssl, chrome request is not the corresponding certificate I added, I do not know what conditions to make the client match to this article I added, how do I not configure Effective.

Liam, PortSwigger Agent | Last updated: May 15, 2018 01:36PM UTC