Burp Suite User Forum

Login to post

Software is Preventing Firefox From Safely Connecting to This Site

B | Last updated: Jan 16, 2020 04:49PM UTC

Hello, I'm having an issue getting Burp Suite Community edition on Firefox. The issue is on all https:// websites. OS: Win 10 Pro Browser: Firefox 72.0.1 64-bit Burp Suite: 2.0.17 Community Edition So I have been a long time Burp user and know exactly how to install the certificate. I have ticked "This website can identify websites" when importing the certificate. I have verified the certificate is there and there are no duplicates. I have tried regenerating the cert and importing the new cert and restarting Firefox and still receive this error. Error: www.google.com is most likely a safe site, but a secure connection could not be established. This issue is caused by The original certificate provided by the web server is untrusted., which is either software on your computer or your network. What can you do about it? www.google.com has a security policy called HTTP Strict Transport Security (HSTS), which means that Firefox can only connect to it securely. You can’t add an exception to visit this site. If your antivirus software includes a feature that scans encrypted connections (often called “web scanning” or “https scanning”), you can disable that feature. If that doesn’t work, you can remove and reinstall the antivirus software. If you are on a corporate network, you can contact your IT department. If you are not familiar with The original certificate provided by the web server is untrusted., then this could be an attack, and there is nothing you can do to access the site.\ Advanced: Websites prove their identity via certificates, which are issued by certificate authorities. Firefox is backed by the non-profit Mozilla, which administers a completely open certificate authority (CA) store. The CA store helps ensure that certificate authorities are following best practices for user security. Firefox uses the Mozilla CA store to verify that a connection is secure, rather than certificates supplied by the user’s operating system. So, if an antivirus program or a network is intercepting a connection with a security certificate issued by a CA that is not in the Mozilla CA store, the connection is considered unsafe. Error code: MOZILLA_PKIX_ERROR_MITM_DETECTED I have also went into about:config and made security.ssl.enable_ocsp_stapling:false to no avail. I view the problematic certificate and it is the PortSwigger certificate that I have installed. I have concluded that this is a bug and I'm unable to use Burp at this time.

Burp User | Last updated: Jan 16, 2020 05:27PM UTC

Update: I am also having issues with Chrome. Not sure if this is an issue with the certificate generation or what. I also tried disabling security.enterprise_roots.enabled as it seems this is where the issue is stemming from in Firefox. When I go to it in the about:config It's grayed out and shows a lock and I'm unable to change the setting from true to false.

Hannah, PortSwigger Agent | Last updated: Jan 17, 2020 09:17AM UTC

Are you using the bundled platform installer or the plain .JAR file? Can you tell me what version of Java you are running? Are you seeing any errors in your Burp dashboard?

Burp User | Last updated: Jan 19, 2020 04:04PM UTC

I'm using the .EXE installer. I'm using Version 8 update update 241 of Java. The only error I see in in the even log is: Error : Proxy : [6] Connection Reset I ended somehow getting it working. I closed firefox and reopened and somehow the issue is back. Something weird is definitely going on.

Hannah, PortSwigger Agent | Last updated: Jan 20, 2020 11:37AM UTC

If you go to "Help > Diagnostics" would you be able to tell me what version of Java Burp is using (if you're using the platform installer, it may be using the bundled JDK). If you have performance feedback enabled (User options > Misc > Performance feedback), could you provide me with your Debug ID so I can check our error logs for any details?

Burp User | Last updated: Jan 23, 2020 05:14PM UTC

It appears that I've fixed the issue. I'm putting this here for anyone that may have the same issue as me. As it states in the error, the issue can be caused by an AV. The following instructions fixed my issue. https://support.eset.com/en/disable-ssl-filtering-in-eset-windows-products

Ben, PortSwigger Agent | Last updated: Jan 24, 2020 08:21AM UTC

Hi Brandon, Thank you for the information and we are glad that you were able to resolve your issue.

Faraz | Last updated: Feb 25, 2020 03:54PM UTC

Hi Brandon, I was experiencing the exact same issue. Searched for hours but got nothing. Finally, solved by disabling the SSL filtering for Firefox in NOD32. Thank You for the solution.

You need to Log in to post a reply. Or register here, for free.