Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Letsencrypt Support

Darren | Last updated: Feb 07, 2017 06:00PM UTC

Hi all, Is there a recommended way to use Letsencrypt certificates on collaborator at all? We're using it to handle all of the DNS for a dedicated domain solely for Burp so setting up another DNS server for one request to validate ownership seems a bit of overkill. Is there a way to get collaborator to work automatically with certbot/Burp Suite? Doing it manually all the time could get tedious.

PortSwigger Agent | Last updated: Feb 08, 2017 08:56AM UTC

You can use any valid wildcard SSL certificate with Burp Collaborator. The documentation on deploying a private Collaborator server describes the configuration needed to use your wildcard SSL certificate. Regarding DNS, you don't normally need to deploy another DNS server of your own. You just need to configure your private Collaborator server as the authoritative DNS server for your chosen domain. You can usually set this up with your domain name registrar.

Burp User | Last updated: Feb 22, 2017 01:41PM UTC

I wanted to add that LetsEncrypt doesn't support wildcard certificates and won't be doing so any time soon. So you will have to purchase one from a vendor that does. You then get store the certificate in the correct format on your Burp Collaborator server and modify your configuration file as needed.

Liam, PortSwigger Agent | Last updated: Feb 22, 2017 01:44PM UTC

We've added a note to our development backlog to support CAA. Unfortunately, we can't provide an ETA.

Burp User | Last updated: Jul 02, 2018 07:22AM UTC

Hello, LetsEncrypt supports wildcard now. It is checking the Certification Authority Authorization (CAA) record for the renew. So if Collaborator supports to CAA queries, it is possible to renew the certifications automatically. So, please can you consider to add CAA support to Collaborator DNS server? Regards,

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.