Adding burpsuites CA cert to IE and FireFox

So we all know how great burpsuite is, but don’t we all hate getting nagged by IE and Firefox about the certificate issues? Well here’s a quick way to add burpsuites CA certificate to them.

Background: During install burpsuite generates a new CA certificate and stores the private key on your machine, if you reinstall you’ll have to repeat the steps to trust the newly generated CA again.

Steps for Internet Explorer
Setup burp to act as your proxy within the Internet Options dialogue and then go to a HTTP based site, burp will generate a certificate using it’s own CA cert. You’ll get the following error:

Click Continue to this website in order to proceed to the website.
The address bar will now be red and to the right of the address click on Certificate Error followed by View certificates

Now you’ll need to select the Certification Path tab, then click PortSwigger CA followed by View Certificate

On the new Certificate details window you should see the certificate information for PortSwiggerCA, click Install Certificate…

On the Certificate Import Wizard we need to tell IE what certificate store to place the cert in, check Place all certificates in the following store and then click Browse

Select Trusted Root Certification Authorities followed by OK.

Click Finish on the next window

You’ll then receive a security warning as you are about to install a root Certificate Authority, click Yes to accept the install.

That’s it, you’re all done, just a simple reboot of IE to ensure the new CA is taken into account.

Steps for Firefox
Setup burp to be your proxy then go to any HTTPS based site, burp will generate a custom certificate for you based on that domain and as the CA is not known you’ll get the following error:

Click Add Exception and then on the following window Get Certificate and then View
Now go to the Details tab and within the Certificate Hierarchy select PortSwigger CA

Now select Export and save the certificate to your PC.

Now go to Tools–>Options Click the Advanced tab followed by the Encryption tab. Now click View Certificates

Within the Certificate Manager click the Authorities tab followed by Import

Now import the saved certificate from earlier.

In the next window ensure you have a tick against Trust this CA to identify web sites and then click OK

Now exit out of the open windows and you’re done.

About phillips321

Penetration Tester and Linux fanboy!
This entry was posted in Uncategorized and tagged , , , , , , , , , , , , . Bookmark the permalink.

Leave a Reply