Install and Setup Burp Suite Proxy & Certificate with Java Application

This article demonstrates how to configure the Burp Suite certificate for Java applications.

Java applications sometimes bypass global proxy settings, which means that setting up a proxy and importing the Burp Suite certificate may not be sufficient to intercept HTTPS traffic.

This article will guide you through setting up your Burp Suite proxy and certificate with a Java application to intercept HTTPS traffic effectively.

  1. A freshly installed Windows 7 with Internet Explorer;
  2. A Java application;
  3. Firefox and Burp Suite Pro installed;
  4. Burp Suite certificate imported into Firefox and IE.

Navigate to the Java official website to download and install Java.

Ensure that all configurations take effect by restarting your computer.

Open CMD and navigate to the Java bin folder. Note that the version number “jre1.8.0_261” may vary.

cd C:\Program Files\Java\jre1.8.0_261\bin

Execute the following command to import the Burp Suite certificate into the Java KeyStore using KeyTool, a command-line utility that manages keys and certificates.

keytool.exe -import -trustcacerts -file C:\Users\IEUser\Downloads\1.der -alias BURPSUITE -keystore burp.jks

When prompted, provide a password for the KeyStore. I used “123456”. Remember this password as it will be required later.

Java KeyTool Import Cert
Java KeyTool Import Cert

To verify the certificate has been imported successfully, execute the following:

keytool -keystore burp.jks -list

Verify Java KeyTool Import
Verify Java KeyTool Import Cert

You have now successfully imported the Burp Suite certificate into Java.

When launching your Java application, include the following parameters to ensure the application uses the specified KeyStore:

2\Program Files\Java\jre1.8.0_261\bin\burp.jks

With these settings, you should be able to intercept HTTPS traffic using Burp Suite.