Burp Suite User Forum

Create new post

TLSv1 Connection issue

PenClicker100 | Last updated: Apr 06, 2015 03:36PM UTC

How do I make Burp connect to a TLSv1, 256 bits, AES256-SHA only website?

PortSwigger Agent | Last updated: Apr 07, 2015 08:34AM UTC

In general, you might need to configure the required combination of protocol and cipher at Options / SSL / SSL Negotiation. Alternatively, you can leave the default setting to automatically select compatible parameters on negotiation failure. Burp picks up the available SSL protocols and ciphers from your Java installation. If the required cipher might not be available, you might need to install a different version of Java, or enable restricted ciphers that use larger key lengths. Burp will alert you if key lengths are restricted.

Burp User | Last updated: Apr 22, 2015 09:13PM UTC

Download "Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files" for whichever version of Java your running. Backup same named files in JREHOME\lib\security and then replace with files downloaded in JCE. Restart burp and your proxied browser. Confirmed resolution to this issue.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.