Burp Suite User Forum

Remote host terminated the handshake

William | Last updated: May 20, 2020 09:59AM UTC

I'm trying to proxy some communication for an app on iOS. Unfortunately the app in question errors out with "The client failed to negotiate a TLS connection to site[.]com:443: Remote host terminated the connection" I've followed https://portswigger.net/support/installing-burp-suites-ca-certificate-in-an-ios-device but it didn't fully solve my problem.

Hannah, PortSwigger Agent | Last updated: May 20, 2020 01:41PM UTC

Hi. Could you tell me the version of Burp Suite you are using, and whether you are using the platform version or the standalone JAR file?

William | Last updated: May 21, 2020 05:01AM UTC

Platform Version 2020.4.1 on macOS 10.14.6

Hannah, PortSwigger Agent | Last updated: May 21, 2020 07:18AM UTC

Could you try disabling TLSv1.3? You can do this by going to "Project options > TLS > TLS negotiation > Use custom protocols and ciphers > Uncheck TLSv1.3".

William | Last updated: May 21, 2020 07:51AM UTC

Hello Hannah, I disabled TLSv1.3 as recommended, but it is still failing with the same error.

Hannah, PortSwigger Agent | Last updated: May 21, 2020 08:18AM UTC

Hi William Could you try running Burp Suite with Java 14? You will likely need to re-enable TLSv1.3. You can check the version of Java that Burp Suite is currently using by going to "Help > Diagnostics". The default version provided with the platform version of v2020.4.1 is Java 13. Are you able to proxy any traffic from your mobile device?

William | Last updated: May 21, 2020 10:31AM UTC

Hello Hannah, I am able to proxy some of the traffic, but not for all apps. I tried it with AdoptOpenJDK 14, but the error is still the same. ``` »»»» java --version openjdk 14 2020-03-17 OpenJDK Runtime Environment AdoptOpenJDK (build 14+36) OpenJDK 64-Bit Server VM AdoptOpenJDK (build 14+36, mixed mode, sharing) »»»» java -jar "/Applications/Burp Suite Professional.app/Contents/java/app/burpsuite_pro.jar" Your JRE appears to be version 14 from AdoptOpenJDK Burp has not been fully tested on this platform and you may experience problems. WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by burp.dc (file:/Applications/Burp%20Suite%20Professional.app/Contents/java/app/burpsuite_pro.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of burp.dc WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release ```

Hannah, PortSwigger Agent | Last updated: May 22, 2020 07:47AM UTC

Have you tried using the mobile assistant or an appropriate extension? - https://portswigger.net/burp/documentation/desktop/tools/mobile-assistant - Brida, Burp to Frida bridge (https://portswigger.net/bappstore/2c0def96c5d44e159151b236de766892)

You need to Log in to post a reply. Or register here, for free.