If there is a problem, what is the first step?
Go to the official website and look through the FAQs and help pages, of course; it is also good English practice.
https://portswigger.net/burp/help/proxy_options_installingCAcert.html
Note that Burp provides a DER-format certificate, which must first be imported into the browser and then exported from the browser as a CER-format certificate.
Test environment
[+] jdk1.8.0_162
[+] Burp Suite 1.7.26
I. Introduction to Burp
Please see https://portswigger.net/burp/ for yourself.
When Burp Suite is used to intercept HTTPS, the browser warns that your connection is not private or that the connection is not trusted. By default Burp only captures HTTP packets cleanly; HTTPS involves a certificate, and the browser does not trust the one Burp presents, so HTTPS traffic cannot be captured properly. Capturing HTTPS packets requires installing Burp's certificate as trusted.
II. Configuration
1. Configure the browser proxy (currently supported: IE, Firefox, Chrome, Safari, iPhone, Android)
Take Chrome as an example: Settings ---> Show advanced settings ---> Network ---> Change proxy settings
---> Click LAN Settings
---> Fill in the proxy settings and click OK.
2. Visit http://burp and download Burp's built-in certificate
---> After download
The certificate is cacert.der, a file with the .der extension. It uses a different encoding from a regular .cer certificate file. The following steps make the browser trust the certificate we just downloaded.
3. Import the certificate
Chrome ---> Settings ---> Advanced ---> HTTPS/SSL
---> Click Manage certificates. In every browser, the PortSwiggerCA.crt certificate must be installed into Trusted Root Certification Authorities.
---> Click Import
---> Next
---> Next
---> Next
---> Click Finish
---> Import the cacert.der file downloaded earlier. A certificate named "PortSwigger CA" (Burp's built-in certificate) now appears among the certificates; select it and export it.
---> Next
---> Next
---> Next
4. Trust this certificate
Import the PortSwiggerCA.crt file you just exported into the certificate authorities and select "Trust Web sites identified with this CA"
---> Click Import
---> Next
---> Next
---> Next
---> Click OK, then restart, and you are done. To test, visit: https://www.baidu.com/
There is another way:
---> Open Burp Suite
---> Select the first option and save the certificate locally
---> Click Next, then find the saved certificate and import it into Chrome.
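The import-then-export round trip in steps 2 and 3 changes only the encoding of the certificate, not the certificate itself. The following Python sketch is an added example (not from the original page or from PortSwigger) that shows this, assuming the export uses the Base-64 encoded option: it accepts either encoding, checks the DER framing, converts DER to Base64 text, and computes a fingerprint that is the same for both files. The function names and the sample bytes are assumptions made for illustration.

```python
import base64
import hashlib
import re
import textwrap

PEM_RE = re.compile(
    rb"-----BEGIN CERTIFICATE-----\s*(.+?)\s*-----END CERTIFICATE-----", re.S)


def der_total_length(data: bytes) -> int:
    """Return the total byte length declared by the outer DER SEQUENCE header."""
    if len(data) < 2 or data[0] != 0x30:      # a certificate is an ASN.1 SEQUENCE
        raise ValueError("not DER: first byte is not 0x30 (SEQUENCE)")
    first = data[1]
    if first < 0x80:                          # short form: one length byte
        return 2 + first
    n = first & 0x7F                          # long form: next n bytes hold the length
    if n == 0 or len(data) < 2 + n:
        raise ValueError("not DER: bad length field")
    return 2 + n + int.from_bytes(data[2:2 + n], "big")


def to_der(data: bytes) -> bytes:
    """Accept a DER or Base64 (PEM) certificate file and return the DER bytes."""
    m = PEM_RE.search(data)
    der = base64.b64decode(m.group(1)) if m else data
    if der_total_length(der) != len(der):
        raise ValueError("truncated or padded certificate")
    return der


def to_pem(der: bytes) -> str:
    """Wrap DER bytes as Base64 text, 64 characters per line, with PEM markers."""
    body = "\n".join(textwrap.wrap(base64.b64encode(der).decode(), 64))
    return f"-----BEGIN CERTIFICATE-----\n{body}\n-----END CERTIFICATE-----\n"


def sha256_fingerprint(data: bytes) -> str:
    """Fingerprint of the DER bytes; identical whichever encoding the file uses."""
    return hashlib.sha256(to_der(data)).hexdigest()


# Constructed stand-in for cacert.der: a correctly framed SEQUENCE with filler
# bytes, not a real certificate, so the script runs offline.
SAMPLE_DER = bytes([0x30, 0x82, 0x01, 0x00]) + bytes(range(256))

if __name__ == "__main__":
    print(to_pem(SAMPLE_DER))
    print("SHA-256:", sha256_fingerprint(SAMPLE_DER))
```

To use it on the real files, read cacert.der and the exported certificate with `open(path, "rb").read()` and compare the two fingerprints; a mismatch means the exported file is not the certificate that was downloaded from Burp.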
III. Capture HTTPS packets
Visit https://www.baidu.com/
Normal access.
IV. Other browser and client settings
The method is similar to "three" above.
Note:
In every browser, the PortSwiggerCA.crt certificate must be installed into Trusted Root Certification Authorities.
For example: Chrome