ProfessionalCommunity Edition
Installing Burp's CA certificate in Chrome - MacOS
-
Last updated: August 30, 2024
-
Read time: 2 Minutes
To test applications in your own browser over HTTPS, you need to install Burp Suite's CA certificate.
Note
These steps are only necessary if you want to use your own external browser for manual testing with Burp. If you prefer, you can just use Burp's browser, which is preconfigured to work with Burp Proxy already. To access Burp's browser, go to the Proxy > Intercept tab, and click Open Browser.
Before attempting to install Burp's CA certificate, make sure that you have successfully confirmed that the proxy listener is active and have configured your browser to work with Burp
Note
If you previously installed a different CA certificate generated by Burp, you should remove it before installing a new one.
To export a CA certificate from Burp Suite:
- Make sure that Burp Suite is running.
-
Visit
http://burpsuite
in Chrome. - On the "Welcome to Burp Suite Professional" page, click CA Certificate to download your unique Burp CA certificate.
- Make a note of where you save the CA certificate.
Note
If you don't see the "Welcome to Burp Suite Professional" page, please refer to the proxy troubleshooting page. Depending on what went wrong, you may be taken there automatically.
To install the CA certificate in Chrome:
- Open Chrome and go to the Customize (hamburger) menu.
- Select Settings and open the Privacy and security menu.
- From the Security menu, select Manage certificates. The Keychain Access window opens.
- Select System and then select the Certificates tab.
- Drag-and-drop the downloaded certificate into the certificates list and enter your password if required.
-
In Keychain Access, double-click the entry for
PortSwigger CA
. In the dialog that opens, expand the Trust section and select the option Always trust. Enter your password if required. - Restart Chrome.
- With Burp still running, browse to any HTTPS URL. If everything has worked, you should now be able to browse to the page without any security warnings.
Removing the Burp Suite CA certificate
To remove the CA certificate:
- Open Chrome and go to the Customize (hamburger) menu.
- Select Settings and open the Privacy and security menu.
- From the Security menu, select Manage certificates.The Keychain Access window opens.
- Select System and then select the Certificates tab.
- Right-click the certificate and select Delete. Enter your password if required.