I get on 90% hosts the ssl error for handshake:
java.net.ssl.SSLException: Received fatal alert: hanshake_failure.
I'm using burp with embedded JRE and SNI extensions disabled.
I've also tried to remove TLS 1.3 in list because the host maybe doesn't support it but no luck.
I have latest version of Burp Suite Professional 2.1.07, any advice?
Is this a bug?
Let me know because I need to proceed with my testings and my work at the moment is blocked.
Ivan, is the site you are working on publicly accessible? If so, could you email the details to firstname.lastname@example.org.
Alternatively, could you provide screenshots of the error messages?
I also suggest to use BouncyCastle library as they have much more support for SSL and minor problems.
Glad to hear you resolved your issue by using a different Java version.
In version 2.1.07, we have improved our SSL/TLS coverage (http://releases.portswigger.net/). This was done by using the BouncyCastle library.
That's strange by the way, because with owasp zap i have no problem connecting.
Maybe i've setupped something bad?
Any ideas? Except for SNI disabled and accept invalid SSL certificates (in project options->tls).
Maybe this could be a problem of website's certificate?
Thanks for support!
Are you able to disclose which sites you are having issues with and are they publicly available so that we can investigate further?
If you would prefer to send us an email with this information then please feel free (you can send this to email@example.com).