Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

TLS Certificate

Gurpreet | Last updated: Nov 04, 2021 06:06PM UTC

I am doing a pentest on Web application that needs client certificate to access the website. How Can I add the certificate to Burpsuite to access the web application?

Ben, PortSwigger Agent | Last updated: Nov 04, 2021 06:48PM UTC

Hi Gurpreet, You can configure client certificates under the User options -> TLS -> Client TLS Certificates section within Burp. There is more information on how this works below: https://portswigger.net/burp/documentation/desktop/options/tls#client-tls-certificates

Maria | Last updated: Nov 05, 2021 09:33AM UTC

Thanks Ben

Andreas | Last updated: Aug 04, 2022 10:39AM UTC

Where Do I see this option in Enterprise Edition ?

Ben, PortSwigger Agent | Last updated: Aug 04, 2022 04:22PM UTC

Hi Andreas, You can do this at the scan configuration level - if you select Settings (the 'gear' icon) -> Scan configurations -> New configuration and then expand the Connections -> Client TLS Certificates section you can then add your client TLS certificates here. You would then need to save and use the scan configuration when scanning the target site.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.