Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

Getting MOZILLA_PKIX_ERROR_MITM_DETECTED when trying to run burp.

Cassandra R Apr 25, 2019 09:11PM UTC

Got this error out of nowhere as I had been running burp regularly on firefox without issues earlier in the day. I ran into the same problem on chrome as well. I have deleted the certificate, cleared the cache, unistalled firefox and cleared the profile folder, reinstalled firefox and reinstalled the certificate, and still cannot get past the error. Any insight?


Liam Tai-Hogan Apr 26, 2019 03:18PM UTC Support Center agent

This isn’t an issue we’ve encountered previously.

Which OS are you using?

Which version of Firefox are you using?

Do you have any browser extensions installed?


Cassandra R Apr 29, 2019 03:07PM UTC
I'm using Windows 10 and Firefox version 66.0.3 (64 bit). No browser extensions installed. As I said, it was very weird because it stopped working while I was using it normally. I was able to get a page that allowed me to "accept the risk" after messing with it for a while, but can't get back to it now and when I did accept the risk, the icons on the page were messed up.

Paul Johnston Apr 29, 2019 03:43PM UTC Support Center agent

Ok, if this just happened once, I am inclined to write it off as gremlins.

If this happens again, please send us your debug ID, which is in User options > Misc > Performance Feedback and we’ll investigate further.


Cassandra R Apr 29, 2019 03:59PM UTC
No, this is a continuous issue that I have not been able to fix as of yet. Debug ID is jiohv13yfye1tghpqhej:fouz

Rose Krawczuk Apr 30, 2019 09:53AM UTC Support Center agent

We couldn’t find any related exceptions for your instance of Burp.

Is the application public facing?

Do you get the same error message using Chrome?


Gulammustufa Momin Jun 28, 2019 07:38AM UTC
Hello,
I am also facing the same issue for https sites. Please let me know if you have found any solution.

Liam Tai-Hogan Jun 28, 2019 07:42AM UTC Support Center agent

What issues are you having with HTTPS sites? Do you encounter an error message? Have you installed the Burp CA in your browser?


Gulammustufa Momin Jun 28, 2019 09:35AM UTC
What issues are you having with HTTPS sites? Do you encounter an error message?
- In firefox, I am getting this message "Software is Preventing Firefox From Safely Connecting to This Site."
Error code: MOZILLA_PKIX_ERROR_MITM_DETECTED

Have you installed the Burp CA in your browser?
- Yes, I have already installed the certificate. It is working fine in Chrome. So I currently using the Chrome browser for Burp.

Mozilla Version: 67.0.4 (64-bit)
OS: Windows 10 (64 Bit)
Burp Version: Burp Suite Community Edition v1.7.36 (Build 56)

Let me know if you require more information.

Liam Tai-Hogan Jun 28, 2019 09:38AM UTC Support Center agent

Is the site publicly accessible?

Are you having this issue with all HTTPS sites using Firefox?


Gulammustufa Momin Jun 28, 2019 10:03AM UTC
Is the site publicly accessible?
- Yes, It is publicly accessible.

Are you having this issue with all HTTPS sites using Firefox?
- Yes, I have checked with 3-4 sites. Getting the same issue in all the sites.

Liam Tai-Hogan Jul 02, 2019 10:23AM UTC Support Center agent

Thanks for the additional information.

Could you send the list of sites that you have tested. If this information is sensitive you can email us as support@portswigger.net.

Additionally, could you try updating to the latest version of Burp Suite. Thanks.


Gulammustufa Momin Jul 04, 2019 01:36PM UTC
I have updated to lastest version.
Burp Suite Community Edition v2.1 Build 385
I am still facing the problem.
Here is the list of the URL I have checked.
1. https://www.google.com/
2. https://www.flipkart.com/
3. https://www.myntra.com/

I think it is not for any specific URL.

Liam Tai-Hogan Jul 09, 2019 12:36PM UTC Support Center agent

We’ve tried those sites with Burp Community and a variety of Java versions, we haven’t encountered any issues. Are you using the platform installer version of Burp?

Could you send us a screenshot of the Certificate installed in the Cert Authorities tab (support@portswigger.net)?


Jalal Sela Aug 04, 2019 08:51PM UTC
Hello

I had the same issue today, and I searched and tested multiple solutions and nothing worked for me, but I finally found a solution.

When I open any URL, the message I receive from FF is about trusting the certification (I forgot the exact message, but it shows before you "Accept the risk").

So I navigated to http://burp, downloaded the certificate and imported it again to FF, and that solved my problem immediately.

I hope this help.

Peace and happy hunting.
Ligeti

Post Your public answer

Your name
Your email address
Answer