Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Received fatal alert: bad_record_mac

Sridevi | Last updated: Feb 18, 2015 03:44AM UTC

When https request is proxied via burp, bad_record_mac error is shown in Firefox. Alerts tab in burp shows - javax.net.ssl.SSLException: Received fatal alert: bad_record_mac

PortSwigger Agent | Last updated: Feb 18, 2015 01:42PM UTC

Can you try reinstalling the Burp CA certificate in Firefox? You'll need to first delete the existing certificate (if installed), and then install the current one. Detailed instructions are here: https://support.portswigger.net/customer/portal/articles/1783088-Installing_Remove%20CA%20Certificate%20-%20FF.html https://support.portswigger.net/customer/portal/articles/1783087-installing-burp-s-ca-certificate-in-firefox

Burp User | Last updated: Feb 22, 2015 08:25AM UTC

That did not help. I am seeing this error for every user that is trying to use the website.

PortSwigger Agent | Last updated: Feb 23, 2015 10:21AM UTC

I'm not sure what you mean by "every user that is trying to use the website". You are seeing these errors in Burp when you try to proxy HTTPS, so you are the person affected, yes? Is this happening for any HTTPS website you visit, or just one/ some?

Burp User | Last updated: Feb 23, 2015 06:53PM UTC

It is happening for my application website. Other https websites are fine.

PortSwigger Agent | Last updated: Feb 24, 2015 08:51AM UTC

Ok thanks. It is possible that this is due to quirks in the Java SSL client. Some suggested solutions: - At Options / SSL / SSL Negotiation, disable all protocols and then enable each one on its own in turn, and see if you can connect to your site. - Try using a different version of Java (6 / 7 / 8).

| Last updated: Mar 08, 2015 08:27PM UTC