13

BurpSuite can only intercept HTTP traffic. How can I also intercept HTTPS traffic on Ubuntu? I need to install the CA but how?

Silver
  • 1,075
  • 3
  • 12
  • 37

3 Answers3

16

Obtaining the certificate:

  • When chrome is configured to use Burp as a proxy, go to http://burp/cert and the DER encoded certificate will be downloaded automatically.
  • Download the certificate in BurpSuite under the Proxy->Options tab under Import / export CA certificate. Export the certificate in DER format.

Install the certificate:

  • Either by double clicking on it in your file browser (Nautilus in my case) or by importing it into Chrome.
    1. Another way of installing it is by importing directly into Chrome. Go to settings->Show advance settings... (at the bottom)->HTTPS/SSL:Manage certificates->Authorities(tab)->Import
    2. In the file selector you must set the file filter to 'DER-encoded binary..' or 'all files' to make your certificate file visible. The default file selector setting is base-64 encoded ASCII and our file is DER encoded.

Now, for the step I was missing in other explanations, in the chrome certificate manager in the tab Authorities (where you just imported the certificate), find the newly imported certificate. In my case it looked like this: enter image description here

Notice the "Untrusted", in my case this meant that it I still got the SSL warnings and the red padlock. Click on "untrusted PortSwigger CA" and click Edit...

Check "Trust this certificate for identifying websites." and click "OK". In my case the text "untrusted" didn't disappear directly but after restarting Chrome, the PortSwigger CA was trusted and SSL proxying works.

If this is a duplicate please tell me, but I haven't found a similar explanation.

Silver
  • 1,075
  • 3
  • 12
  • 37
  • This is already explained in the support pages for Burp, see https://support.portswigger.net/customer/portal/articles/1783085-installing-burp-s-ca-certificate-in-chrome. – Steffen Ullrich Dec 05 '15 at 14:25
  • 8
    Are you kidding me? This is the least helpful source available for installing a CA in chrome. They point to IE and Safari for doing the installation and don't mention trusting the CA in the settings. – Silver Dec 05 '15 at 15:05
  • I see the difference. You might add that the setup you are doing is for Linux (and only for Linux). Because the setup at their support site is for Windows and Mac OS X and there Chrome uses the CA store of the system. That's why they refer to IE/Safari on these platforms because these use the same CA store. On Linux Chrome uses instead the CA store coming with NSS, similar to Firefox. – Steffen Ullrich Dec 05 '15 at 15:13
  • 1
    This explanation didn't work for me. I looked at the certificate properties and it said the Certificate wasn't trusted because it wasn't in Trusted Root Certification Authorities. So I imported the cert to Intermediate Certification Authorities and Trusted Root Certification Authorities. Then went to chrome://restart and it fixed my problem. – Edward Severinsen Jun 07 '18 at 08:48
  • I believe that when I imported it, it automatically was added to trusted root certs. On which OS did you encounter this problem? I can update my answer if I can reproduce the issue. – Silver Jun 08 '18 at 09:59
13

For Mac: Configuring BurpSuite Proxy with HTTPS and fixing the your connection is not private message

1. Configure Chrome to use Burp as a Proxy

enter image description here

You can view detailed instructions of this step here https://support.portswigger.net/customer/portal/articles/1783070-configuring-safari-to-work-with-burp

Make sure you hit OK and Apply

2. Download and Install the Burp Certificate

http://burp/cert

You need to have the proxy enabled to do this. Once it's downloaded, double click on it to install it. Save to login keychain.

3. Modify certificate permissions

Open Keychain Access and search for "portswigger" to find the certificate. Right click and hit "Get Info".

enter image description here

Select "Always Trust". enter image description here

The red Your connection is not private message should be gone now.

Community
  • 1
  • 1
joshuakcockrell
  • 5,200
  • 2
  • 34
  • 47
3

In Kali linux with Chromium browser this work for me

  1. Start BurpSuite
  2. Open Chrome (Chromium web Browser) and type in url "127.0.0.1:8080"
  3. Click on "CA Certificate" to Download the Certificate of Burp Suite. View Image
  4. Save file "Cacert.der" is the certifcate.

Note: when i try import directly to chromium with "der" extension the web browser did not recognized the file So the solution was next:

  1. Open Firefox and click in settings or Preferences.
  2. search certificates. View Image
  3. view Certificates. View Image
  4. Click on Import button and search cert.der previosly downloaded.
  5. Then export (Firefox automatically export file with another extension "PortSwiggerCA.crt").

Now we can import the certificate in chromium web browser (The file "PortSwiggerCA.crt"). To import is the same steps for firefox:

Settings -> Search "certificates" -> view certificates -> authorities -> import

Bayron Vazquez
  • 321
  • 3
  • 9