{"id":768,"date":"2012-07-07T12:19:55","date_gmt":"2012-07-07T11:19:55","guid":{"rendered":"http:\/\/www.phillips321.co.uk\/?p=768"},"modified":"2012-08-30T12:48:40","modified_gmt":"2012-08-30T11:48:40","slug":"adding-burpsuites-ca-cert-to-ie-and-firefox","status":"publish","type":"post","link":"https:\/\/www.phillips321.co.uk\/2012\/07\/07\/adding-burpsuites-ca-cert-to-ie-and-firefox\/","title":{"rendered":"Adding burpsuites CA cert to IE and FireFox"},"content":{"rendered":"

So we all know how great burpsuite<\/a> is, but don’t we all hate getting nagged by IE and Firefox about the certificate issues? Well here’s a quick way to add burpsuites CA certificate to them.<\/p>\n

Background: During install burpsuite generates a new CA certificate and stores the private key on your machine, if you reinstall you’ll have to repeat the steps to trust the newly generated CA again.<\/p>\n

Steps for Internet Explorer<\/strong>
\nSetup burp to act as your proxy within the Internet Options dialogue and then go to a HTTP based site, burp will generate a certificate using it’s own CA cert. You’ll get the following error:
\n\"\"<\/a>
\nClick Continue to this website<\/em> in order to proceed to the website.
\nThe address bar will now be red and to the right of the address click on Certificate Error<\/em> followed by View certificates<\/em>
\n\"\"<\/a>
\nNow you’ll need to select the Certification Path<\/em> tab, then click PortSwigger CA<\/em> followed by View Certificate<\/em>
\n\"\"<\/a>
\nOn the new Certificate details window you should see the certificate information for PortSwiggerCA, click Install Certificate…<\/em>
\n\"\"<\/a>
\nOn the Certificate Import Wizard<\/em> we need to tell IE what certificate store to place the cert in, check Place all certificates in the following store<\/em> and then click Browse<\/em>
\n\"\"<\/a>
\nSelect Trusted Root Certification Authorities<\/em> followed by OK<\/em>.
\n\"\"<\/a>
\nClick Finish<\/em> on the next window
\n\"\"<\/a>
\nYou’ll then receive a security warning as you are about to install a root Certificate Authority, click Yes<\/em> to accept the install.
\n\"\"<\/a>
\nThat’s it, you’re all done, just a simple reboot of IE to ensure the new CA is taken into account.
\n\"\"<\/a><\/p>\n

Steps for Firefox<\/strong>
\nSetup burp to be your proxy then go to any HTTPS based site, burp will generate a custom certificate for you based on that domain and as the CA is not known you’ll get the following error:
\n\"\"<\/a>
\nClick Add Exception<\/em> and then on the following window Get Certificate<\/em> and then View<\/em>\"\"<\/a>
\nNow go to the Details<\/em> tab and within the Certificate Hierarchy<\/em> select PortSwigger CA<\/em>
\n\"\"<\/a>
\nNow select Export<\/em> and save the certificate to your PC.
\n\"\"<\/a>
\nNow go to Tools–>Options<\/em> Click the Advanced<\/em> tab followed by the Encryption<\/em> tab. Now click View Certificates<\/em>
\n\"\"<\/a>
\nWithin the Certificate Manager click the Authorities<\/em> tab followed by Import<\/em>
\n\"\"<\/a>
\nNow import the saved certificate from earlier.
\n\"\"<\/a>
\nIn the next window ensure you have a tick against Trust this CA to identify web sites<\/em> and then click OK<\/em>
\n\"\"<\/a>
\nNow exit out of the open windows and you’re done.<\/p>\n","protected":false},"excerpt":{"rendered":"

So we all know how great burpsuite is, but don’t we all hate getting nagged by IE and Firefox about the certificate issues? Well here’s a quick way to add burpsuites CA certificate to them. Background: During install burpsuite generates a new CA certificate and stores the private key on your machine, if you reinstall […]<\/p>\n","protected":false},"author":1,"featured_media":778,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[304,299,300,302,303,199,198,305,155,75,154,197,301],"_links":{"self":[{"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/posts\/768"}],"collection":[{"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/comments?post=768"}],"version-history":[{"count":5,"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/posts\/768\/revisions"}],"predecessor-version":[{"id":866,"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/posts\/768\/revisions\/866"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/media\/778"}],"wp:attachment":[{"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/media?parent=768"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/categories?post=768"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/tags?post=768"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}