The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum


Unable to intercept android traffic

Tejas | Last updated: Feb 23, 2022 05:26AM UTC

Hello, I am using Burp Suite Community Edition (v2022.1.1). I want to intercept the traffic for Android applications but I am unable to do so. I have downloaded the CA certificate on my Android smartphone and I am able to get traffic for the browser on my phone, but when I open any app like LinkedIn I get the error:

```
error proxy [43] the client failed to negotiate a tls connection to realtime.www.linkedin.com:443: received fatal alert: certificate_unknown
```

Kindly suggest what to do. We want to test a self-developed app for security and that is why we are carrying out this exercise.

Ben, PortSwigger Agent | Last updated: Feb 23, 2022 09:14AM UTC

Hi Tejas, Can you confirm which version of Android you are using on your device? If you are using 7.0 or above then you need to install the certificate in a slightly different manner (due to a change in how user supplied certificates are trusted after this version of Android). The following is a good guide on what you need to carry out (if you follow from the 'Install Burp CA as a system-level trusted CA' section): https://blog.ropnop.com/configuring-burp-suite-with-android-nougat/ Essentially, you need to convert the Burp CA Certificate and install it in the system level certificate location on your Android device (this normally needs to be carried out on a rooted device).

Amalahasan | Last updated: Feb 23, 2022 03:52PM UTC

Hi, I too am facing the same problem (error proxy [] the client failed to negotiate a tls connection to realtime.XXX.XXXXXXXXX.XXX:443: received fatal alert: certificate_unknown). The device is logged in as root and the CA root certificates are also installed on the emulated Android device, but it is still throwing the same error. I also tried disabling the TLS protocols to default & HTTP2.

Burp Suite & emulator details:
Burp Suite Community Edition (v2022.1.1)
Emulator - Pixel XL (Android API 29)

Please help me to fix this issue.

Ben, PortSwigger Agent | Last updated: Feb 24, 2022 08:37AM UTC

Hi, Just to clarify, are you seeing this error when trying to proxy the traffic of a specific app or does this error occur generally (does it also occur when you browse to HTTPS sites in the browser of your mobile device, for example)?

Amalahasan | Last updated: Feb 25, 2022 03:50AM UTC

I am facing this error for both the scenarios. I couldn't intercept the data traffic of a specific app & couldn't browse to HTTPS sites in the mobile browser as well.

Tejas | Last updated: Feb 25, 2022 06:29AM UTC

Dear Ben, greetings and thanks for the response. I am using Android version 11. I will try this method and let you know.

Ben, PortSwigger Agent | Last updated: Feb 25, 2022 08:28AM UTC

Hi Amalahasan, That would suggest there is an issue with the Burp CA certificate. As noted in my earlier message, if you are using Android 7.0 or above then you will need to install the certificate differently - please try the method detailed in my previous forum message and see if this improves things for you.

Andrii | Last updated: Apr 25, 2022 08:54PM UTC

Hello, we have a similar problem. We have two rooted devices on Android 8.1 and Android 11, both with certificates installed in the system section, but the HTTPS traffic is not proxied from any Android app that doesn't have SSL pinning. We receive this error message:

```
The client failed to negotiate a TLS connection to www.google.com:443: Received fatal alert: certificate_unknown
```

This problem never happened before; it occurred after a full macOS reinstall to Monterey and downloading the latest Burp Suite.

Andrii | Last updated: Apr 25, 2022 10:10PM UTC

An interesting observation: if the certificate is installed by the user (via Android settings), the traffic from the browser is proxied. But after moving it to the system directory it doesn't work (behavior described above):

```
su
mount -o rw,remount /system
mv /data/misc/user/0/cacerts-added/9a5ba575.0 /system/etc/security/cacerts/
chmod 644 /system/etc/security/cacerts/9a5ba575.0
chown root:root /system/etc/security/cacerts/9a5ba575.0
reboot
```

Ben, PortSwigger Agent | Last updated: Apr 26, 2022 06:54AM UTC