Is there way to import server certificate into BURP and use it for perticular domain?
I have a thick client application which works on its own jre and it has root certificate included in its jre/lib/security/cacerts already.
When I configure burp proxy to intercept traffic between client and server, I receive following error;
The client failed to negotiate an SSL connection to xyz.com:443: Received fatal alert: certificate_unknown
I think the server is rejecting portswigger cert during SSL/TLS negotiation
I am trying to configure server cert on BURP to present the server cert when communicating to the sever.
Please correct me if I am wrong somehwere.
Are you able to install Burp’s CA certificate into the trust store for the app’s private JRE?
I see few req/res. But there is other http protocol traffic which is not captured by Burp. However, the data is getting loaded successfully on client. It seems strange. The client has two ways to communicate JMS and HTTP. the http traffic is not visible in burp.
If the app is not honoring your configured proxy settings, so you are missing HTTP traffic, then you might need to solve this problem with invisible proxying: https://portswigger.net/burp/help/proxy_options_invisible.html
If the app is using any non-HTTP protocols, then these won’t be handled by Burp.