Burp Suite User Forum

handshake_failure

Steve | Last updated: Feb 17, 2016 06:54PM UTC

I'm running burp v1.6.36 and using a client ssl certificate to authenticate to secure web pages. I am receiving the error handshake_failure when attempting to access any sites that require the client cert. I am using java 1.6.0_41-b02. Below is what I have tried to resolve the issues with no success.

- Install Java Cryptography Extension (JCE) by copying the local_policy.jar and US_export_policy.jar to java PATH.
- Upgrade to java 1.8 and install JCE's
- Check Allow unsafe renegotiation in the SSL options
- Check Disable Java SNI extension in the SSL options
- Imported my client certificate into the "Client SSL Certificates" in the SSL options
- Used the java keytool to import client certificate into a new keystore
- I've imported the portswigger CA into my browser
- I tried in 2 different versions of firefox and IE 11.

PortSwigger Agent | Last updated: Feb 19, 2016 02:10PM UTC

Do you see any error messages at the point you try to install the certificate? Does anything relevant show up in the Burp alerts tab, either then or at the time of the connection failure?

Burp User | Last updated: Mar 03, 2016 05:58PM UTC

I just ran into this as well. The "handshake_failure" error is a Java error, and it was reproducible using ZAP as well as Burp on both Windows and Linux. The resolution in my case was to ensure the full certificate chain is inside the .pfx file -- the .pfx I was given only contained the end-entity certificate.
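The check behind the resolution in the last reply, as an added example that is not part of the thread: it uses the `openssl` command line to report whether a .pfx holds only the end-entity certificate or also the issuer chain. The CA, client certificate, file names and password are constructed test material.

```shell
#!/bin/sh
# Added example: does a PKCS#12 (.pfx) bundle carry the issuer chain for its
# client certificate? All names and the password below are constructed.

# pfx_chain_status FILE PASSWORD -> prints leaf-only, chain-present or chain-broken
pfx_chain_status() {
    tmp=$(mktemp -d) || return 2
    # End-entity (client) certificate, without the private key.
    openssl pkcs12 -in "$1" -passin "pass:$2" -clcerts -nokeys 2>/dev/null \
        | openssl x509 -out "$tmp/leaf.pem" 2>/dev/null || { rm -rf "$tmp"; return 2; }
    # Any additional (CA / intermediate) certificates stored in the bundle.
    openssl pkcs12 -in "$1" -passin "pass:$2" -cacerts -nokeys \
        > "$tmp/ca.pem" 2>/dev/null || true
    if ! grep -q 'BEGIN CERTIFICATE' "$tmp/ca.pem"; then
        status=leaf-only        # the situation described in the thread
    elif openssl verify -partial_chain -CAfile "$tmp/ca.pem" "$tmp/leaf.pem" \
            >/dev/null 2>&1; then
        status=chain-present    # the leaf's issuer is inside the bundle
    else
        status=chain-broken     # extra certs present, but none issued the leaf
    fi
    rm -rf "$tmp"
    echo "$status"
}

# Constructed test material: a throwaway CA, a client cert, and two bundles.
make_constructed_bundles() {
    d=$1
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Constructed Test CA" \
        -keyout "$d/ca.key" -out "$d/ca.crt" 2>/dev/null
    openssl req -newkey rsa:2048 -nodes -subj "/CN=constructed-client" \
        -keyout "$d/leaf.key" -out "$d/leaf.csr" 2>/dev/null
    openssl x509 -req -in "$d/leaf.csr" -CA "$d/ca.crt" -CAkey "$d/ca.key" \
        -CAcreateserial -days 1 -out "$d/leaf.crt" 2>/dev/null
    # Bundle with the end-entity certificate only.
    openssl pkcs12 -export -inkey "$d/leaf.key" -in "$d/leaf.crt" \
        -passout pass:test -out "$d/leaf-only.pfx"
    # Same key and certificate, with the issuing CA added via -certfile.
    openssl pkcs12 -export -inkey "$d/leaf.key" -in "$d/leaf.crt" \
        -certfile "$d/ca.crt" -passout pass:test -out "$d/full-chain.pfx"
}

DEMO_DIR=$(mktemp -d)
make_constructed_bundles "$DEMO_DIR"
echo "leaf-only.pfx:  $(pfx_chain_status "$DEMO_DIR/leaf-only.pfx" test)"
echo "full-chain.pfx: $(pfx_chain_status "$DEMO_DIR/full-chain.pfx" test)"
```

Run `pfx_chain_status` against a bundle before importing it into a proxy's client-certificate store; a `leaf-only` result means the issuing certificates still need to be added when the .pfx is exported.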
