Installing Burp's CA Certificate in Safari

If you have previously installed a different CA certificate generated by Burp, you should first remove it by following the tutorial to remove Burp's CA certificate from Safari.

With Burp running, visit http://burp in your browser and use the "CA Certificate" link to download and save your Burp CA certificate. Take note of where you save the Burp CA certificate.

 

Locate the certificate.

Copy the certificate to the "Certificate" folder in your Keychain Access.

 

In Keychain Access, double click on the Portswigger CA.

Use the caret icon to access the Trust information and ensure the Portswigger CA is always trusted.

Enter your password if required.

Restart Safari.

If everything has worked, you should now be able to visit any HTTPS URL via Burp without any security warnings.