Burp Suite User Forum

Create new post

using burp with certificate pinning

javi | Last updated: Dec 08, 2015 02:17PM UTC

Hi I am trying to use burp with my app, which is built with certificate pinning The certificates in my local server are self signed, so i understand i can bypass certificate pinning controls, right? When trying to connect, i have this error The client failed to negotiate an SSL connection to XXXXXXXX:443: Remote host closed connection during handshake Can anybody help? Thanks

PortSwigger Agent | Last updated: Dec 08, 2015 04:21PM UTC

Issues with certificate pinning very much depend on the details of how it is done. It's not automatic that you can bypass certificate pinning for self-signed certificates, since the pinning might validate the public key of the certificate, and you'll need the original private key to use the certificate or generate your own matching one.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.