ProfessionalCommunity Edition
Installing Burp's CA certificate in Chrome - Linux
-
Last updated: October 29, 2024
-
Read time: 2 Minutes
To test applications in your own browser over HTTPS, you need to install Burp Suite's CA certificate.
Note
These steps are only necessary if you want to use your own external browser for manual testing with Burp. If you prefer, you can just use Burp's browser, which is preconfigured to work with Burp Proxy already. To access Burp's browser, go to the Proxy > Intercept tab, and click Open Browser.
Before attempting to install Burp's CA certificate, make sure that you have successfully confirmed that the proxy listener is active and have configured your browser to work with Burp
Note
If you previously installed a different CA certificate generated by Burp, you should remove it before installing a new one.
To export a CA certificate from Burp Suite:
- Make sure that Burp Suite is running.
-
Visit
http://burpsuite
in Chrome. - On the "Welcome to Burp Suite Professional" page, click CA Certificate to download your unique Burp CA certificate.
- Make a note of where you save the CA certificate.
Note
If you don't see the "Welcome to Burp Suite Professional" page, please refer to the proxy troubleshooting page. Depending on what went wrong, you may be taken there automatically.
To install the CA certificate in Chrome:
- In Chrome, open the menu in the top right corner and click Settings.
- In the Chrome settings, select Privacy and security > Manage certificates.
-
In the Manage certificates dialog, go to the Authorities tab and click the Import button.
-
Click Browse and select the
cacert.der
file that you downloaded earlier. Then click Select. -
Select the option Trust this certificate for identifying websites.
-
Click OK.
org-PortSwigger
should now appear on the list of certificate authorities. - Restart Chrome.
- With Burp still running, try and browse to any HTTPS URL. If everything has worked, you should now be able to browse to the page without any security warnings.
Removing the Burp Suite CA certificate
To remove the Burp Suite CA certificate from Linux:
- Open Chrome and go to the Manage certificates menu.
-
Go to the Authorities tab and find the entry for
org-PortSwigger
. -
Expand the entry and click the hamburger menu for
PortSwigger CA
. - Click Delete and then click OK at the prompt.