Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All
Documentation

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite
Extensibility

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility
Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

Is there way to import server certificate into BURP and use it for perticular domain?

Venkata Mar 15, 2017 01:26PM UTC

I have a thick client application which works on its own jre and it has root certificate included in its jre/lib/security/cacerts already.

When I configure burp proxy to intercept traffic between client and server, I receive following error;

The client failed to negotiate an SSL connection to xyz.com:443: Received fatal alert: certificate_unknown

I think the server is rejecting portswigger cert during SSL/TLS negotiation
I am trying to configure server cert on BURP to present the server cert when communicating to the sever.

Please correct me if I am wrong somehwere.


Dafydd Stuttard Mar 15, 2017 03:26PM UTC Support Center agent

Are you able to install Burp’s CA certificate into the trust store for the app’s private JRE?


Venkata Mar 17, 2017 05:39PM UTC
Yes, Upon adding burp cert to private jre cert trust store. I do not see the error.
I see few req/res. But there is other http protocol traffic which is not captured by Burp. However, the data is getting loaded successfully on client. It seems strange. The client has two ways to communicate JMS and HTTP. the http traffic is not visible in burp.

Dafydd Stuttard Mar 20, 2017 09:08AM UTC Support Center agent

If the app is not honoring your configured proxy settings, so you are missing HTTP traffic, then you might need to solve this problem with invisible proxying: https://portswigger.net/burp/help/proxy_options_invisible.html

If the app is using any non-HTTP protocols, then these won’t be handled by Burp.


Post Your public answer

Your name
Your email address
Answer