Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Invalid cert warnings with Chrome 64 on Ubuntu 16.04.03 with Burp version 1.7.32

William | Last updated: Feb 20, 2018 07:49PM UTC

I regenerated the Burp certificate, extracted it (cacert.der) from the above-mentioned chrome using "http://burp/cert", copied the cert to /usr/share/ca-certificates/extra, used openssl to translate the DER form to PEM form to file cacert.crt. Then ran dpkg-reconfigure ca-certificates to import the new certificate. When bringing up a secure site in the browser through the command line to set the proxy, I still get the certificate warnings, showing that it has the portswigger certificate. Additionally, chrome complains to standard error out "ERROR:cert_verify_proc_nss.cc(922) CERT_PKIXVerifyCert for translate.googleapis.com failed err=8172". I also went so far as to install the cacert.pm in /etc/ssl/certs with the same result. There must be something that i am missing.

Liam, PortSwigger Agent | Last updated: Feb 21, 2018 11:44AM UTC

Have you tried opening Chrome settings > searching for "Certificate" > using the Import function?

Burp User | Last updated: Feb 21, 2018 07:26PM UTC

I am thinking that this is a Chrome issue, as I was able to get the proxy to work properly with Firefox 58.

Liam, PortSwigger Agent | Last updated: Feb 22, 2018 09:40AM UTC

We've tested this version of Chrome with our certificate and haven't encountered the same issue.

Burp User | Last updated: Feb 22, 2018 03:50PM UTC

Liam: Yes, and that tab tells me that you need to import it via the system certificate import process. I know it gets imported, as the error message has the information from the generated certificate. As noted above, I am now thinking that this is a chrome issue, as I was able to get Firefox to work quite nicely on the same system.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.