Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

Usage of ssl certificates

Steven Bone Mar 03, 2015 12:29PM UTC

Hi, i have an address that is a restful service that requires an SSL cert inorder to access it

the address starts as: https://certapi.t6.lmuk.local/

Please note:
-This is an internal address the available to external networks
- I'm quite new to Burpsuite

Basically i'm trying to hit the address in firefox as it has been configured my proxy gone through the setting on both burp and Firefox, but when ever i hit the address a message "Error - Received fatal alert: bad_certificate". However if i do the same through chrome to get to the service i am successful. is burp using it's own certificate instead of mine which is already listed?

Liam Tai-Hogan Mar 04, 2015 02:20PM UTC Support Center agent


Thanks for your message.

Are you using a client certificate? If so, you can configure the client SSL certificate that Burp will use when a destination host requires one in the “Client SSL Certificates” section of the “SSL” tab beneath the “Options” tab.

Otherwise, as a general rule we recommend testing the web application in all major browsers (as you have done using Chrome) without proxying through Burp. If you encounter no warning then the issue reported by Burp Scanner can be considered a false positive.

Please let us know if you need any further assistance.

Post Your public answer

Your name
Your email address