Fixing Burp Suite's failure to capture some HTTPS traffic

Problem description

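In short, Burp's built-in certificate is 1024-bit, while the certificates used from iOS 9 onward are 2048-bit, so when you capture iPhone traffic with Burp, some requests fail with the error message above and are not captured.
The fix is to switch to a 2048-bit certificate.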

Generating the certificate

Simply follow the method already published online.

Creating a Custom CA Certificate

You can use the following OpenSSL commands to create a custom CA certificate with your own details, such as CA name:

[OpenSSL will prompt you to enter various details for the certificate. Be sure to enter suitable values for all the prompted items.]

Then click on the “Import / export CA certificate” button in Burp, and select “Cert and key in DER format”. Select ca.der as the certificate file, and server.key.pkcs8.der as the key file. Burp will then load the custom CA certificate and begin using it to generate per-host certificates.
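An added example, not from the original post, of one way to produce the two files named above (ca.der and server.key.pkcs8.der) with a 2048-bit RSA key and then check the result before importing it. The function names, the subject string and the 730-day validity are assumptions, and `-subj` is used in place of the interactive prompts.

```shell
#!/bin/sh
# Added example (not from the original post). Function names, the subject
# string and the 730-day lifetime are assumptions; adjust for your lab.

# make_burp_ca DIR [SUBJECT]: writes DIR/ca.der and DIR/server.key.pkcs8.der
make_burp_ca() {
    outdir="$1"
    subj="${2:-/CN=Example Burp Test CA/O=Example Lab}"  # constructed placeholder
    mkdir -p "$outdir" || return 1
    (
        cd "$outdir" || exit 1
        umask 077  # keep the CA private key readable by the owner only
        # Self-signed certificate in DER plus a new 2048-bit RSA key in PEM.
        # -subj replaces the interactive prompts.
        openssl req -x509 -days 730 -nodes -newkey rsa:2048 -sha256 \
            -subj "$subj" -outform der -keyout server.key -out ca.der || exit 1
        # The page imports server.key.pkcs8.der: convert the PEM key to
        # unencrypted PKCS#8 in DER.
        openssl pkcs8 -topk8 -nocrypt -in server.key -inform pem \
            -out server.key.pkcs8.der -outform der || exit 1
    )
}

# Print the RSA modulus size of a DER certificate, e.g. 2048.
ca_key_bits() {
    openssl x509 -inform der -in "$1" -noout -text |
        sed -n 's/.*Public-Key: (\([0-9]*\) bit).*/\1/p'
}

# Succeed only if the DER key file belongs to the DER certificate.
key_matches_cert() {
    c=$(openssl x509 -inform der -in "$1" -noout -pubkey) || return 1
    k=$(openssl pkey -inform der -in "$2" -pubout) || return 1
    [ -n "$c" ] && [ "$c" = "$k" ]
}
```

Whoever holds server.key can issue certificates that any device trusting this CA will accept, so install the CA only on test devices and remove it from them when testing ends.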

References

http://hyper-ze.blogspot.com/2017/01/burp-suite-https.html
https://nabla-c0d3.github.io/blog/2015/12/01/burp-ios9-ats/
http://www.secflag.com/archives/235.html
