Unlock enhanced API scanning with Burp Suite Enterprise Edition  –  Learn more

ProfessionalCommunity Edition

Installing Burp's CA certificate in Chrome - MacOS

  • Last updated: August 30, 2024

  • Read time: 2 Minutes

To test applications in your own browser over HTTPS, you need to install Burp Suite's CA certificate.

Note

These steps are only necessary if you want to use your own external browser for manual testing with Burp. If you prefer, you can just use Burp's browser, which is preconfigured to work with Burp Proxy already. To access Burp's browser, go to the Proxy > Intercept tab, and click Open Browser.

Before attempting to install Burp's CA certificate, make sure that you have successfully confirmed that the proxy listener is active and have configured your browser to work with Burp

Note

If you previously installed a different CA certificate generated by Burp, you should remove it before installing a new one.

To export a CA certificate from Burp Suite:

  1. Make sure that Burp Suite is running.
  2. Visit http://burpsuite in Chrome.
  3. On the "Welcome to Burp Suite Professional" page, click CA Certificate to download your unique Burp CA certificate.
  4. Make a note of where you save the CA certificate.
download CA certificate - MacOS

Note

If you don't see the "Welcome to Burp Suite Professional" page, please refer to the proxy troubleshooting page. Depending on what went wrong, you may be taken there automatically.

To install the CA certificate in Chrome:

  1. Open Chrome and go to the Customize (hamburger) menu.
  2. Select Settings and open the Privacy and security menu.
  3. From the Security menu, select Manage certificates. The Keychain Access window opens.
  4. Select System and then select the Certificates tab.
  5. Drag-and-drop the downloaded certificate into the certificates list and enter your password if required.
  6. In Keychain Access, double-click the entry for PortSwigger CA. In the dialog that opens, expand the Trust section and select the option Always trust. Enter your password if required.
  7. Restart Chrome.
  8. With Burp still running, browse to any HTTPS URL. If everything has worked, you should now be able to browse to the page without any security warnings.

Removing the Burp Suite CA certificate

To remove the CA certificate:

  1. Open Chrome and go to the Customize (hamburger) menu.
  2. Select Settings and open the Privacy and security menu.
  3. From the Security menu, select Manage certificates.The Keychain Access window opens.
  4. Select System and then select the Certificates tab.
  5. Right-click the certificate and select Delete. Enter your password if required.

Was this article helpful?