Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All
Documentation

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite
Extensibility

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility
Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

Cert validity too long

Nathan Oct 14, 2016 03:41AM UTC

Hi,

The error described in the following link still happens with the latest version of Burp (1.7.07), despite being resolved as fixed in the September 8 release (1.7.06):

https://support.portswigger.net/customer/portal/questions/16671002-tls-certificate-validity-period-that-is-too-long


Dafydd Stuttard Oct 14, 2016 08:06AM UTC Support Center agent

You will need to regenerate your CA certificate and install the new certificate in your browser.


Nathan Oct 17, 2016 03:39AM UTC
Hi,

I have installed the latest version of Burp Professional (1.7.08) and regenerated the certificate. I can see now that the certificate was issued in 2014, however I still get the NET::ERR_CERT_VALIDITY_TOO_LONG error in Chrome on Android.


Nathan Oct 17, 2016 03:51AM UTC
Here are the screenshots of the error and the certificate details:

http://puu.sh/rLFeV/bdc00f142c.jpg
http://puu.sh/rLFgf/acf9ff2375.jpg

Egil Nov 28, 2016 09:05PM UTC
Have the same problem here as well. Burp 1.7.12. Can confirm that I regenerated CA cert, imported on phone (Chrome / Android 7), and still receive NET::ERR_CERT_VALIDITY_TOO_LONG (yes, the thumbprint on the issuer CA matches the newly generated certificate). Validity for end-site cert is equal to issuing cert. Burp Suite should only issue certificates valid for a couple of months or so - or at least have an option for this. Please fix?

Dafydd Stuttard Nov 29, 2016 12:11PM UTC Support Center agent

It appears that this issue is only affecting Chrome on Android. In our own testing, we’re not seeing this issue. We’re going to do some more investigation on different versions.

If anyone has more data on which specific versions are affected by this issue, it would help, thanks.


Mark Nov 30, 2016 09:17PM UTC
Using Burp 1.17.13, Android 5.1.1, Chrome 54.0.2840.85

I get the "Validity too long" error if I add Burp's certificate as a Root/System CA (http://wiki.cacert.org/FAQ/ImportRootCert#CAcert_system_trusted_certificates_.28without_lockscreen.29).

When adding as a user certificate (Settings > Security > Install from storage) it works fine.

Darren Shu Jan 06, 2017 11:30PM UTC
Using Burp 1.17.15, Chrome 55.0.2883.91, Android 6.0.1 (CyanogenMod 13 on a Nexus 6), I encountered the same issue. I worked around this problem by generating my own certificate and re-importing.

***Details***
I used the following commands to generate the PKCS#12 keystore:
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout pk.key -out certificate.crt
openssl pkcs12 -export -out certificate.p12 -inkey pk.key -certfile certificate.crt -in certificate.crt

I also was able to push a converted certificate into my Android cert store /system/etc/security/cacerts/ . To do that, I wrote a script to convert the DER certificate to the Android format on Github. https://github.com/oemunlock/burp_der_cert_to_android_cert

After importing the certificate in Burp and restarting Burp, I downloaded it to my PC by viewing the Burp Proxy page (localhost:8080) and downloading the cacert.der file. After that, I used the script above and it generates a file that looks like 9a5ba575.0. From there, I ran:

adb root && adb wait-for-device remount && adb wait-for-device push [name of cert] /system/etc/security/cacerts/[name of cert]

Then checked the permissions on the file: adb shell ls -al -Z /system/etc/security/cacerts/* to make sure everything was okay and rebooted the phone.


Trevor Oct 16, 2018 01:47PM UTC
Seems that this is still an issue in Burp 2.0.8beta. These steps fixed my issue.

Post Your public answer

Your name
Your email address
Answer