ProfessionalCommunity Edition

Installing Burp's CA certificate in Chrome - Linux

  • Last updated: October 29, 2024

  • Read time: 2 Minutes

To test applications in your own browser over HTTPS, you need to install Burp Suite's CA certificate.

Note

These steps are only necessary if you want to use your own external browser for manual testing with Burp. If you prefer, you can just use Burp's browser, which is preconfigured to work with Burp Proxy already. To access Burp's browser, go to the Proxy > Intercept tab, and click Open Browser.

Before attempting to install Burp's CA certificate, make sure that you have successfully confirmed that the proxy listener is active and have configured your browser to work with Burp

Note

If you previously installed a different CA certificate generated by Burp, you should remove it before installing a new one.

To export a CA certificate from Burp Suite:

  1. Make sure that Burp Suite is running.
  2. Visit http://burpsuite in Chrome.
  3. On the "Welcome to Burp Suite Professional" page, click CA Certificate to download your unique Burp CA certificate.
  4. Make a note of where you save the CA certificate.
download CA certificate - Linux

Note

If you don't see the "Welcome to Burp Suite Professional" page, please refer to the proxy troubleshooting page. Depending on what went wrong, you may be taken there automatically.

To install the CA certificate in Chrome:

  1. In Chrome, open the menu in the top right corner and click Settings.
  2. In the Chrome settings, select Privacy and security > Manage certificates.
  3. In the Manage certificates dialog, go to the Authorities tab and click the Import button.

    import CA certificate - Linux
  4. Click Browse and select the cacert.der file that you downloaded earlier. Then click Select.

    Linux CA certificate
  5. Select the option Trust this certificate for identifying websites.

    Linux trust CA certificate
  6. Click OK. org-PortSwigger should now appear on the list of certificate authorities.

    Linux CA certificate success
  7. Restart Chrome.
  8. With Burp still running, try and browse to any HTTPS URL. If everything has worked, you should now be able to browse to the page without any security warnings.

Removing the Burp Suite CA certificate

To remove the Burp Suite CA certificate from Linux:

  1. Open Chrome and go to the Manage certificates menu.
  2. Go to the Authorities tab and find the entry for org-PortSwigger.
  3. Expand the entry and click the hamburger menu for PortSwigger CA.
  4. Click Delete and then click OK at the prompt.

Was this article helpful?