Burp Suite User Forum

Login to post

NET::ERR_CERT_VALIDITY_TOO_LONG

Mahendra | Last updated: Feb 23, 2018 07:55AM UTC

Information ------------------------------------------------------------ Version : Burp 1.7.32 (Professional) Burp Proxy Server : Kali Linux Certificate : Android Device 7.0 (Nougat) Issue ---------------------------------------- NET::ERR_CERT_VALIDITY_TOO_LONG Tested using chrome, if using firefox it cannot open the URL in secure protocol. when using normal protocol / HTTP it's normal. we try with apps android to capture the traffic but no traffic were captured. i think the certificate validity too long, we already regenerate this certificate many times but the result still same. waiting for your reply, Regards, Mahendra M.W.

Liam, PortSwigger Agent | Last updated: Feb 23, 2018 12:10PM UTC

We're going to look at providing a configurable validity period. In the meantime, you can generate your own CA certificate with a suitable validity period using openssl, and import it into Burp. The dynamically generated certificates are always given the same validity period as the CA.

Burp User | Last updated: Apr 16, 2018 12:37AM UTC

Liam, do you have any updates you could share with the community please? i.e., when do you expect the option to be able to configure CA options within Burp to be released?

Liam, PortSwigger Agent | Last updated: Apr 16, 2018 07:19AM UTC

We have this logged in our development backlog and we'll inform you when the work is complete. Unfortunately, we can't provide an ETA.

Mike, PortSwigger Agent | Last updated: Apr 16, 2018 09:41AM UTC

This work has been flagged for development. We will notify this thread once it has been released.

Burp User | Last updated: Dec 13, 2019 12:56AM UTC

At this point I can only assume you're incompetent or don't have any developers working for you anymore at all. It's been 3 years since this issue came up, all this takes to fix is changing the number of days from whatever to 365. Its literally a 4 character change. This is ridiculous.

Ben, PortSwigger Agent | Last updated: Feb 04, 2020 01:56PM UTC

We have released an update (Burp Professional Version 2020.1) that incorporates your feedback and has reduced the validity of the CA Certificate. We try our best to use the feedback that adds value to all our users. Sometimes the request may be partially fulfilled or we solved the problem differently to your suggestion. Please feel free to update and provide us with any new feedback to help improve the product further.

Constantin | Last updated: Feb 14, 2020 10:45PM UTC

Hi Ben, Could you please if this issue has been sorted? I still have the same issue. Please see below https://i.imgur.com/W3dqJpR.png Thanks, Constantin

Hannah, PortSwigger Agent | Last updated: Feb 18, 2020 10:20AM UTC

Hi Constantin Can you confirm you are using 2020.1? Could you also tell me if you regenerated and imported a new certificate onto your device?

Neil | Last updated: Feb 19, 2020 09:37AM UTC

Hi I also have the same problem. I can confirm that I'm using 2020.1 and that I've regenerated and installed the cert in the system trust store of my device.

Hannah, PortSwigger Agent | Last updated: Feb 19, 2020 01:50PM UTC

Hi Neil Thank you for that information. Could you provide me with some more details about your environment so I can attempt to replicate your issue? For example, device type, OS, browser (if being used)

Neil | Last updated: Feb 19, 2020 02:33PM UTC

Hi The device is a virtualbox machine. OS is debian based. Running it from a jar. How it is executed: java -jar tools/burp/burpsuite_pro_v2020.1.jar java --version openjdk 11.0.3 2019-04-16 OpenJDK Runtime Environment (build 11.0.3+1-Debian-1) OpenJDK 64-Bit Server VM (build 11.0.3+1-Debian-1, mixed mode, sharing) openssl version OpenSSL 1.1.1b 26 Feb 2019

Hannah, PortSwigger Agent | Last updated: Feb 21, 2020 03:34PM UTC

Hi Neil Are you trying to proxy traffic from a mobile device, or from your Debian-based OS?

Neil | Last updated: Feb 26, 2020 07:37AM UTC

Hi Sorry I misunderstood the question. The device is a Google Pixel 3A Currently running Android 9 Chrome version: 80.0.3987.99 (Official)

Hannah, PortSwigger Agent | Last updated: Feb 27, 2020 10:55AM UTC

Hi Neil I've tried to replicate your issue on an Android 9 device but was able to proxy traffic from Chrome with no issues. Could you provide some more detail on the steps you took to replicate this? Is the error occurring for all websites or just specific ones?

You need to Log in to post a reply. Or register here, for free.