
handshake failure: unknown_ca

Tony Stark Dec 30, 2019 11:48AM UTC

Hello
I'm using the latest Burp on Manjaro 64-bit.
I'm trying to capture SSL traffic of one Android app.
I have modified the app to capture SSL traffic using the network_config XML file, and I have also added the CA certificate as system and user in Android.
Now here we go....
Suppose whenever I press the login button in the Android app, I get a unique host entry in Burp every time, e.g. paypal.com, yahoo.com, bing.com with a suffix of a huge URL like ...../login/sdfksjhfkshfkjshkfhskfahskfhsdfhsfks/login
But there is no relation between yahoo, paypal, bing and that application.
Then after those entries I get an unknown_ca error with one site.
Therefore I opened that site in Firefox, and I get

xyxyxyx.com uses an invalid security certificate. The certificate is not trusted because it is self-signed. Error code: MOZILLA_PKIX_ERROR_SELF_SIGNED_CERT

So I accept and continue, then the site opens with loads of plain-text encrypted data.
That site has a self-signed certificate, AES-GCM 256-bit, TLS 1.3.

But in Android I get the unknown_ca error.
Thanks


Liam Tai-Hogan Dec 30, 2019 12:22PM UTC Support Center agent

Which version of Android are you using?


Tony Stark Dec 30, 2019 01:04PM UTC
@Liam
I'm using Android 10.

Tony Stark Dec 30, 2019 01:09PM UTC
I also tried enabling a custom cipher, but it did not help.

Liam Tai-Hogan Dec 30, 2019 01:18PM UTC Support Center agent

Since Android Nougat, Android no longer trusts user or admin supplied CA certificates.

Have you checked out this blog?

https://blog.nviso.be/2018/01/31/using-a-custom-root-ca-with-burp-for-inspecting-android-n-traffic/


Tony Stark Dec 30, 2019 01:34PM UTC
Yes.
I have already mentioned that I have installed the CA certificate as system and user too.
Also I have enabled traffic capture for the application by modifying the app's network_config file.

Liam Tai-Hogan Dec 30, 2019 03:11PM UTC Support Center agent

Have you tested your method on more than one application?

Are you only encountering an issue with the target app?


Tony Stark Dec 30, 2019 04:36PM UTC
Yes~~
I have tested on Magisk; I can check my Magisk version update without any error.
Also I can receive data from some Google server app.
However the Amazon app is not working {I did not modify it}.
I can open some SSL sites except google.com {SSL PROTOCOL ERROR}.
api.amazon.com gives a certificate unknown error.
Are `certificate_unknown` and `unknown_ca` the same??

Michelle Gillian Jan 02, 2020 11:40AM UTC Support Center agent

Just to check, are you seeing slightly different errors on different sites?

Did the certificate you installed have the v3_ca extension enabled?


Tony Stark Jan 05, 2020 06:30AM UTC
The Amazon and Google apps give unknown_ca and certificate_unknown errors.
My target app uses multiple AWS API requests and they are easily captured. But other than the AWS API requests I get an unknown_ca error.
How do I know whether the certificate has v3_ca enabled or not?

Michelle Gillian Jan 06, 2020 09:28AM UTC Support Center agent

This article has a section on creating a custom CA which is v3_ca enabled, so you might find this helpful:
https://blog.nviso.be/2018/01/31/using-a-custom-root-ca-with-burp-for-inspecting-android-n-traffic/
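Tony's question about how to tell whether a certificate has the v3_ca extensions can be answered by inspecting it with openssl. The script below is an added example, not code from PortSwigger or from the linked blog: `is_v3_ca` prints the certificate as text and looks for the two extensions a v3_ca section adds (basicConstraints CA:TRUE and keyUsage keyCertSign), which Android needs before it will treat a certificate as a CA. It assumes the openssl CLI (1.1.1 or newer) is on PATH; `make_sample_certs` is a hypothetical helper that builds two constructed sample certificates, one signed with a v3_ca section and one without, so the check can be exercised offline.

```shell
#!/bin/sh
# Added example (not PortSwigger's or nviso's code): check whether a PEM
# certificate carries the X.509 v3 CA extensions Android expects on a trust
# anchor: basicConstraints CA:TRUE and keyUsage keyCertSign.
# Assumes the openssl CLI (1.1.1 or newer) is on PATH.
set -u

# is_v3_ca CERT.pem
# Returns 0 when the certificate has CA:TRUE and the Certificate Sign key
# usage, 1 when either is missing or the file cannot be parsed.
is_v3_ca() {
  text=$(openssl x509 -in "$1" -noout -text 2>/dev/null) || return 1
  printf '%s\n' "$text" | grep -q 'CA:TRUE' || return 1
  printf '%s\n' "$text" | grep -q 'Certificate Sign' || return 1
  return 0
}

# make_sample_certs DIR  (hypothetical helper; constructed sample data)
# Writes DIR/ca_v3.pem, signed with a v3_ca extension section, and
# DIR/ca_v1.pem, the same key and subject signed without the CA extensions,
# so that it lacks basicConstraints and keyUsage.
make_sample_certs() {
  dir=$1
  cat > "$dir/v3_ca.cnf" <<'EOF'
[ v3_ca ]
basicConstraints = critical, CA:TRUE
keyUsage = critical, keyCertSign, cRLSign
subjectKeyIdentifier = hash
EOF
  openssl req -new -newkey rsa:2048 -nodes -keyout "$dir/ca.key" \
    -out "$dir/ca.csr" -subj "/CN=Example Test CA" 2>/dev/null || return 1
  openssl x509 -req -in "$dir/ca.csr" -signkey "$dir/ca.key" -days 1 \
    -extfile "$dir/v3_ca.cnf" -extensions v3_ca \
    -out "$dir/ca_v3.pem" 2>/dev/null || return 1
  openssl x509 -req -in "$dir/ca.csr" -signkey "$dir/ca.key" -days 1 \
    -out "$dir/ca_v1.pem" 2>/dev/null || return 1
}

# Usage: sh check_v3_ca.sh /path/to/cert.pem
if [ $# -gt 0 ]; then
  if is_v3_ca "$1"; then
    echo "$1: v3_ca extensions present (CA:TRUE, keyCertSign)"
  else
    echo "$1: missing CA:TRUE or keyCertSign; Android will not treat it as a CA"
  fi
fi
```

Burp exports its CA certificate in DER form; convert it first with `openssl x509 -inform der -in cacert.der -out cacert.pem` and then run the check on the PEM file. A certificate that fails the check is exactly the case the linked article's custom-CA section fixes: without CA:TRUE the platform does not recognise the certificate as a CA, and connections signed by it fail with unknown_ca even though the certificate is installed.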

