Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum will be discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Centre. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTRE DISCORD

Create new post

Software is Preventing Firefox From Safely Connecting to This Site

Infoedge | Last updated: May 06, 2024 07:47AM UTC

Hi Team, I'm having an issue getting Burp Suite professional v2024.3.1.4 edition with Firefox [Version 125.0.3 (64-bit)]. ERROR: Software is Preventing Firefox Developer Edition From Safely Connecting to This Site www.google.com is most likely a safe site, but a secure connection could not be established. This issue is caused by PortSwigger CA, which is either software on your computer or your network. What can you do about it? www.google.com has a security policy called HTTP Strict Transport Security (HSTS), which means that Firefox Developer Edition can only connect to it securely. You can’t add an exception to visit this site. If your antivirus software includes a feature that scans encrypted connections (often called “web scanning” or “https scanning”), you can disable that feature. If that doesn’t work, you can remove and reinstall the antivirus software. If you are on a corporate network, you can contact your IT department. If you are not familiar with PortSwigger CA, then this could be an attack, and there is nothing you can do to access the site. ------------------------------------------------------------------------------ Websites prove their identity via certificates, which are issued by certificate authorities. Firefox Developer Edition is backed by the non-profit Mozilla, which administers a completely open certificate authority (CA) store. The CA store helps ensure that certificate authorities are following best practices for user security. Firefox Developer Edition uses the Mozilla CA store to verify that a connection is secure, rather than certificates supplied by the user’s operating system. So, if an antivirus program or a network is intercepting a connection with a security certificate issued by a CA that is not in the Mozilla CA store, the connection is considered unsafe. Error code: MOZILLA_PKIX_ERROR_MITM_DETECTED View Certificate Please provide solution for this ASAP, This is blocker for us.

Dominyque, PortSwigger Agent | Last updated: May 07, 2024 09:53AM UTC

Hi, If you regenerate the CA cert from within Burp (Settings> Tools> Proxy, under Proxy listeners) and then use these instructions here to install that newly downloaded cert into Firefox, does this resolve the issue: https://portswigger.net/burp/documentation/desktop/external-browser-config/certificate/ca-cert-firefox. [Make special care that you are selecting the correct trust settings as detailed in the documentation.] Please ensure that you have removed the old CA cert before installing the new one. To remove Burp's CA certificate from Firefox, go back to the View certificates > Authorities dialog and select PortSwigger CA. Then, click Delete or Distrust, click OK, and restart Firefox.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.