Burp Suite User Forum

Is there a way to import a server certificate into Burp and use it for a particular domain?

Venkata | Last updated: Mar 15, 2017 01:26PM UTC

I have a thick client application which works on its own JRE, and it has the root certificate included in its jre/lib/security/cacerts already. When I configure Burp proxy to intercept traffic between client and server, I receive the following error: "The client failed to negotiate an SSL connection to xyz.com:443: Received fatal alert: certificate_unknown". I think the server is rejecting the PortSwigger cert during SSL/TLS negotiation. I am trying to configure the server cert in Burp to present the server cert when communicating with the server. Please correct me if I am wrong somewhere.

PortSwigger Agent | Last updated: Mar 15, 2017 02:05PM UTC

Are you able to install Burp's CA certificate into the trust store for the app's private JRE?
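
One way to do the truststore import asked about above, as an added example that is not part of the thread or PortSwigger's own code. It assumes Burp's CA certificate has already been exported to a file, `keytool` is on PATH, the truststore still uses the JRE default password `changeit`, and `burp-ca` is an alias chosen here.

```shell
#!/bin/sh
# Added example: make an app's private JRE trust Burp's CA certificate.
# Assumptions: keytool is on PATH, the store password is the JRE default
# "changeit", and "burp-ca" is an alias name chosen for this example.

# import_burp_ca JRE_HOME CA_CERT [STOREPASS]
import_burp_ca() {
    jre_home=$1
    ca_cert=$2
    storepass=${3:-changeit}
    alias_name=burp-ca
    store="$jre_home/lib/security/cacerts"

    [ -f "$store" ]   || { echo "no truststore at $store" >&2; return 2; }
    [ -f "$ca_cert" ] || { echo "no CA cert at $ca_cert" >&2; return 2; }

    # Keep one pristine copy so the test-only trust can be rolled back.
    [ -f "$store.orig" ] || cp -p "$store" "$store.orig" || return 3

    # Idempotent: skip the import when the alias already exists.
    if keytool -list -keystore "$store" -storepass "$storepass" \
            -alias "$alias_name" >/dev/null 2>&1; then
        echo "alias $alias_name already present"
        return 0
    fi

    keytool -importcert -noprompt -trustcacerts \
        -alias "$alias_name" -file "$ca_cert" \
        -keystore "$store" -storepass "$storepass" || return 4

    # Confirm the entry landed in the store this JRE actually loads.
    keytool -list -keystore "$store" -storepass "$storepass" \
        -alias "$alias_name" >/dev/null || return 5
}

# restore_cacerts JRE_HOME: put the original truststore back after testing.
restore_cacerts() {
    store="$1/lib/security/cacerts"
    [ -f "$store.orig" ] || { echo "no backup for $store" >&2; return 2; }
    mv -f "$store.orig" "$store"
}

# Usage: sh import-burp-ca.sh path/to/app/jre burp-ca.der
if [ "$#" -ge 2 ]; then
    import_burp_ca "$@"
fi
```

Restart the client after the import so its JVM reloads the truststore, and run `restore_cacerts` once testing is finished so the application stops trusting the proxy's CA.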

Burp User | Last updated: Mar 17, 2017 05:39PM UTC

Yes. Upon adding the Burp cert to the private JRE cert trust store, I do not see the error. I see a few req/res, but there is other HTTP protocol traffic which is not captured by Burp. However, the data is getting loaded successfully on the client. It seems strange. The client has two ways to communicate: JMS and HTTP. The HTTP traffic is not visible in Burp.

PortSwigger Agent | Last updated: Mar 20, 2017 09:06AM UTC

If the app is not honoring your configured proxy settings, so you are missing HTTP traffic, then you might need to solve this problem with invisible proxying: https://portswigger.net/burp/help/proxy_options_invisible.html

If the app is using any non-HTTP protocols, then these won't be handled by Burp.