Install and Setup Burp Suite Proxy & Certificate with Java Application

This article shows how to set up Burp Suite certificate for Java application.

Java application sometimes did not go through (use) the global proxy setting. This means that even we set up the proxy and import the burp suite certificate, we are still not able to intercept HTTPS traffic.

This article shows how to set up your Burp Suite proxy and certificate with Java Application for intercepting HTTPS traffic.

  1. a newly installed Windows 7 with IE;
  2. a Java application;
  3. Installed Firefox and Burp Suite Pro;
  4. Imported Burp Suite certificate into Firefox and IE;
  1. Install Java environment

Navigate to the Java official website to download Java application and install it.

  1. Restart computer

Open CMD and navigate to the Java bin folder. (Please notice that the version number “jre1.8.0_261” maybe different)

1
cd C:\Program Files\Java\jre1.8.0_261\bin

Then, execute the following command to import Burp Suite certificate into Java keyStore by using KeyTool.

Java KeyTool is a command line tool which can generate public key / private key pairs and store them in a Java KeyStore.

1.der is the Burp Suite certificate, burp.jks is the Java KeyStore file. Please take a note of the KeyStore filename (burp.jks), we need it later.

1
keytool.exe -import -trustcacerts -file C:\Users\IEUser\Downloads\1.der -alias BURPSUITE -keystore burp.jks

After we execute it, KeyTool asks us to provide a password, I used: 123456. Please also take a note of the password (123456).

Java KeyTool Import Cert
Java KeyTool Import Cert

Execute following command to confirm if the certificate import successfully. Please provide correct KeyStore name and password.

1
keytool -keystore burp.jks -list
Verify Java KeyTool Import
Verify Java KeyTool Import Cert

Now, we successfully imported Burp Suite certificate into Java.

Add following parameters when you execute your java application: (Please ensure that you provide correct trustStore path, KeyStore name and KeyStore password)

1
2
-Djavax.net.ssl.trustStore=C:\Program Files\Java\jre1.8.0_261\bin\burp.jks
-Djavax.net.ssl.trustStorePassword=123456

Then, you should be able to intercept HTTPS traffic with your burp.