Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

Burp Collaborator polling and certificate handling

fbu Jan 16, 2020 11:13AM UTC

Hello there,
we are running a working collaborator (using a professional 2.1.07 jar for both client and server) with some kind of strange problem. The wildcard certificate is pulled in correctly by burp and all services are using it, howether, the polling service is still creating a self signed certificate and I don't see an option to configure it with a valid one for its domain (neither polling.<>.example.com nor polling.example.com)

The health check complains about being unable to connect to the https polling service: "No connections to the polling server at collabpolling.[snip] could be opened. The collaborator will not work in this configuration.", although it is reachable via a browser (of course with a certificate error because of the self signed cert).

My question is: Is this a Problem on the client side which SHOULD accept the self-signed certificate, or is there an option to configure a valid certifcate?

In the meantime we are forced to use the http polling version.

All the best,
fbu


fbu Jan 16, 2020 01:37PM UTC
Never mind, I just recognized that I can configure a second certificate within the polling stanza.
I think the configuration is not very clear on that as the sample configuration describes a self signed certifacte confi which should not be the standard.
Please feel free to close this.
All the best,
fbu

Post Your public answer

Your name
Your email address
Answer