Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

TLSv1.3 not accepted by server preferences

Bejal Jul 26, 2019 03:44PM UTC

Hiya

I'm trying to route traffic from an app on my android through the Burp proxy. I've set up the proxy/installed the burp certificate so that traffic can come through just fine from Chrome on my phone - however when I try run other requests on the app I get this message in the Event Log

`the client supported protocol versions [TLSv1.3, (D)TLS--5.26] are not accepted by server preferences [TLS12, TLS11, TLS10, SSL30, SSL20Hello]`

For context, i've checked `select all` on Project Options > SSL Protocols and SSL Ciphers. I've also run the .jar version of burp with the latest JDK release. I'm also quite new to Burp, so I feel like I might be missing some configuration here?

Any help or resources is appreciated! :)


Liam Tai-Hogan Jul 29, 2019 08:02AM UTC Support Center agent

Have you tried using the “Use custom protocols and ciphers” setting and only using TLSv1.3?


Bejal Lewis Jul 30, 2019 11:41AM UTC
Hi Liam, yes I have tried to do that. I've tried checking all of the options and then only checking TLSv1.3 but still to no avail

Liam Tai-Hogan Aug 06, 2019 01:23PM UTC Support Center agent

Is the application publicly accessible? If so, we’d like to do some testing to find a solution.


Anton Aug 23, 2019 10:15PM UTC
Same problem
Why does not Burp suppor TLS 1.3?

Liam Tai-Hogan Aug 28, 2019 07:13AM UTC Support Center agent

Anton, is the application you are having issues with publicly accessible? If so, we’d like to do some testing to find a solution.


Anton Aug 30, 2019 02:20PM UTC
I tested the latest facebook android app, with the same error.
Even after the so patch done.

Anton Aug 31, 2019 02:39AM UTC
Is it related to this?
https://support.portswigger.net/customer/portal/questions/17566283-enable-tlsv1-3-support

Liam Tai-Hogan Sep 02, 2019 01:39PM UTC Support Center agent

Are you able to see TLS 1.3 in the “custom protocols and ciphers”?


Post Your public answer

Your name
Your email address
Answer