Burp Suite: Chrome HTTPS Access Issues

TL;DR

Chrome not trusting Burp’s certificate? This guide walks you through common fixes, from checking your system clock to importing the correct CA certificate and configuring Chrome settings.

Troubleshooting Steps

1. Check System Clock

• Burp Suite certificates are time-sensitive. An incorrect date/time on your computer can cause them to be flagged as invalid by Chrome.
• Ensure your system clock is accurate. Sync with an internet time server if necessary.

Verify Burp Certificate Installation

• Open your operating system’s certificate manager (search for ‘Manage Certificates’ in Windows, or use Keychain Access on macOS).
• Look for the Burp Suite CA certificate under ‘Trusted Root Certification Authorities’.
• If it’s missing, download it again from Burp’s website and re-install it. Make sure you choose the correct format for your OS (usually .cer or .pem).

Import Burp CA Certificate into Chrome

• Open Chrome settings: chrome://settings/certificates
• Select the ‘Authorities’ tab.
• Click ‘Import…’.
• Browse to and select the downloaded Burp Suite CA certificate file.
• Ensure you check the box ‘Trust this certificate for identifying websites’.
• Click ‘OK’.

Check Chrome Command-Line Flags

• Chrome might be launched with flags that disable proxy settings or certificate verification.
• Close all instances of Chrome.
• Open a command prompt/terminal and launch Chrome with the following flag to ignore certificate errors (use this for testing only, not as a permanent solution):

  chrome --ignore-certificate-errors

• If this works, it confirms a flag issue. Investigate how Chrome is being launched (e.g., shortcuts, task scheduler) and remove any conflicting flags.

Clear Chrome’s SSL State

• Open Chrome settings: chrome://settings/certificates
• Select the ‘Personal’ tab.
• Delete any certificates related to Burp Suite or PortSwigger.
• Restart Chrome.

Configure Chrome Proxy Settings

• Open Chrome settings: chrome://settings/proxy
• Select ‘Use proxy server’.
• Enter the Burp Suite proxy address (usually 127.0.0.1) and port (usually 8080).
• Ensure that ‘Bypass proxy server for local addresses’ is unchecked if you want to intercept traffic to internal sites.

Restart Chrome Completely

• Close all Chrome windows and processes. Use Task Manager (Windows) or Activity Monitor (macOS) to ensure no Chrome instances are running in the background.
• Re-launch Chrome.

Check Burp Suite Proxy Listener

• In Burp Suite, go to ‘Proxy’ -> ‘Options’.
• Under ‘Listener’, verify that the proxy is running on 127.0.0.1:8080 (or your configured address/port).
• Ensure the listener is bound to all interfaces or specifically to the interface Chrome is using.

Firewall/Antivirus Interference

• Your firewall or antivirus software might be blocking Burp Suite’s traffic.
• Temporarily disable your firewall/antivirus (use caution!) and see if Chrome can access HTTPS sites through Burp. If so, configure exceptions for Burp Suite in your firewall/antivirus settings.