Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

How to load a cert bundle, cert and key?

David Laur Dec 02, 2019 08:12AM UTC

Has anyone had to load client certs for mutual tls into the latest burp recently?

Basically, I am trying to replicate the following in Burp:

curl https://domain.com/api/test --cacert ./api-trust.bundle --cert ./api-certificate.pem:password --key ./api-key.pem

Normally loading a client cert is fine in burp, but this request requires all 3 (I've tried converting it to .crt with openssl as well)


Mike Eaton Dec 02, 2019 02:26PM UTC Support Center agent

Hi David

Under “Project options → SSL → Client SSL certificates → Override user options” you can add client certificates specified by destination host.

If you package those 3 components into a PKCS#12 file and import it into Burp Suite, Burp will automatically provide that certificate when the target requests one.


David Laur Dec 02, 2019 06:58PM UTC
Oh wow that is perfect thank you! It works great, for reference I used this command to convert them:

openssl pkcs12 -export -inkey your_private_key.key -in your_certificate.cer -certfile your_chain.pem -out final_result.pfx

reference: https://www.tbs-certificates.co.uk/FAQ/en/288.html

Post Your public answer

Your name
Your email address
Answer