Burp Suite User Forum

Create new post

Peer's certificate issuer has been marked as not trusted by the user.

Adam | Last updated: Jan 27, 2016 03:24PM UTC

Hi all, I have some weird issues with Burp for the last two days. It first started that some of my Extensions stopped reporting to Issues tab. I shut down Burp, restared it again and all suddent these problems happen 1) on my FireFox browser - every time when I go to HTTPS site I see message " Peer's certificate issuer has been marked as not trusted by the user. (Error code: sec_error_untrusted_issuer) " 2) on Alert tab in Burp I see a lot of "The client failed to negotiate an SSL connection to www.google.com:443: Received fatal alert: unknown_ca" 3) javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection? or 4) Failed to auto-select SSL parameters for example.com I am using BurpPro for over 2y now and I did not seen these issues before. My troubleshooting steps: Restored FF settings to default Reinstalled Java Added new Proxy to FF on port 8080 Linked this with Burp Generated new CA and imported this to FF Restarted Burp, FF, laptop Updated "jce_policy-8" from Java So i should have "fresh" settings but still... anything over HTTPS won't open. Please note that HTTP sites ARE working and prox through Burp. Using: jre1.8.0_71 Burp v1.6.35 Windows 7 Pro 64bit Please share your ideas... I know that this is something to do with SSL and HTTPS but I can't fugire out what is that. PS. I am reading a lot of answers on this website - neither help so fare.

Liam, PortSwigger Agent | Last updated: Jan 27, 2016 04:25PM UTC

Hi Adam Thanks for your message. It sounds like you may need to remove any existing Burp CA certificate and reinstall it in your browser. - https://support.portswigger.net/customer/en/portal/articles/1783088-removing-burp%E2%80%99s-ca-certificate-from-firefox - https://support.portswigger.net/customer/en/portal/articles/1783087-installing-burp-s-ca-certificate-in-firefox Please let us know if you need any further assistance.

Burp User | Last updated: Feb 01, 2016 12:15PM UTC

According to Burp Support (on this site), when importing BurpCA certyficate I should get a question about "In the dialog box that pops up, check the box "'''Trust this CA to identify web sites'''", and click "OK". I can confirm that I restored the settings and even try different FireFox browser (Dev edition). I can't see this dialog box neither in Firefox or Firefox Dev ed. Why? Where I can reset this setting? Can't see anything over in Windows System registry or in about:config

Liam, PortSwigger Agent | Last updated: Feb 01, 2016 12:19PM UTC

Hi Adam Which version of FireFox are you using? Firefox has been updated since we produced the installation tutorial, we will update the tutorial page in the near future. You can edit certificate authority by going to Preferences > Advanced > Certificates > View Certificates. Please let us know if you need any further assistance.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.