PROFESSIONAL

• Last updated: December 21, 2021

• Read time: 2 Minutes

Before attempting to install Burp's CA certificate, make sure that you have successfully confirmed that the proxy listener is active and have configured your browser to work with Burp

Unfortunately, the process for installing Burp's CA certificate for use with Chrome differs slightly depending on your operating system.

Installing Burp's CA certificate in Chrome - Windows and MacOS

Unlike other browsers, Chrome does not have its own trust store. This means that you do not install Burp's CA certificate directly in Chrome. Instead, you install Burp's CA certificate in your computer's built-in browser (Internet Explorer on Windows, Safari on MacOS) and Chrome will automatically use the certificate as well.

If you want to use Chrome with Burp, please follow the process for installing the CA certificate in the relevant browser for your operating system:

• MacOS (Safari)
• Windows (Internet Explorer)

Once you have successfully installed Burp's CA certificate on your computer's built-in browser, restart Chrome. With Burp still running, try and browse to any HTTPS URL. If everything has worked, you should now be able to browse to the page without any security warnings.

Installing Burp's CA certificate in Chrome - Linux

On Windows and MacOS, the Chrome browser picks up the certificate trust store from your host computer. However, on Linux you'll need to install the certificate via the browser settings.

With Burp running, visit http://burpsuite in Chrome. You should be taken to a relatively plain web page that says "Welcome to Burp Suite Professional". If not, please refer to the proxy troubleshooting page. Depending on what went wrong, you may be taken there automatically.

In the top-right corner of the page, click CA Certificate to download your unique Burp CA certificate. Take note of where you save this.

Open the Chrome browser settings by opening the menu in the top-right corner of the browser and clicking Settings.

In the Chrome settings, search for Certificates, click Security, and select the option Manage certificates.

In the Manage certificates dialog, go to the Authorities tab and click the Import button.

Click Browse and select the cacert.der file that you downloaded earlier. Then click Open.

Select the option Trust this certificate for identifying websites.

Click OK.

org-PortSwigger should now appear on the list of certificate authorities.

With Burp still running, try and browse to any HTTPS URL. If everything has worked, you should now be able to browse to the page without any security warnings.