Use BouncyCastle library to eliminate javax.net.ssl.SSLException errors in Burp
As our sites have had to limit SSL and support robust ciphers we have been receieveing "javax.net.ssl.SSLException' errors . To get around this issue we have Proxy chained ZAP proxy. ZAP proxy works because SSLv2 implementations on the one side vs modern implementations with ciphers and prime sizes that the native Java SSL implementation does not support. Chaining the ZAP Proxy work beacuse uses BouncyCastle, a library that provides greater support for SSL/TLS implementations than Java’s native javax.net.ssl. I request that the BouncyCastle Library also be included in Burp keeping the dependcies low and configuration to a minimum of one tool.
We hope to provide this feature of part of this years roadmap. We’ll update you when this is released.