stackoom
  简体   繁体   中英

How to implement Burp suite's custom SSL Certificate?

 原文  2020-03-22 16:52:33       go/ ssl/ certificate/ pkcs#12

Question

In Burp Suite, from Project Options -> SSL we can import PKCS#12 files with password for specific hostnames.

I tried manually using commands below to export block and key files and then pass them to my http client in golang using tls.LoadX509KeyPair() . But upon sending any requests, I receive remote error: tls: handshake failure .

These are the commands I used:

openssl pkcs12 -in cert.p12 -clcerts -nokeys -out usercert.pem
openssl pkcs12 -in cert.p12 -nocerts -out userkey.pem -nodes

What am I missing?

1 answers

solution1
 0  2020-05-25 04:13:42

If using a self-signed certificate specify InsecureSkipVerify: true in your tls configuration. Pulled from the documentation :

 // InsecureSkipVerify controls whether a client verifies the // server's certificate chain and host name. // If InsecureSkipVerify is true, TLS accepts any certificate // presented by the server and any host name in that certificate. // In this mode, TLS is susceptible to man-in-the-middle attacks. // This should be used only for testing.```

Otherwise, add your certificate to the Certificates list in your tls configuration.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question godaddy's ssl certificate with GoLang HTTP SSL with GoDaddy's certificate - This server's certificate chain is incomplete Programmatically install an SSL certificate into a browser's store How to use custom flag with testify/suite in Go test How do I fix my PEM block in ssl certificate? How to implement a custom json validator Get remote ssl certificate in golang How to specify custom SSL roots with Go on Linux How to access the client's certificate in Go? How to implement PHP's gzopen in Go?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM