September 28, 2019 · Pentest Android

Using Burp Suite on Android 9 or above

First, generate your own cert here:

# mac

openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout pk.key -out certificate.crt \
    -subj / \
    -reqexts SAN \
    -extensions SAN \
    -config <(cat /System/Library/OpenSSL/openssl.cnf \
        <(printf '[SAN]\'))
openssl pkcs12 -export -out certificate.p12 -inkey pk.key -certfile certificate.crt -in certificate.crt

## Enter 123 as the export password

# Ubuntu

openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
-keyout certificate.key \
-out certificate.crt

openssl pkcs12 -export -out certificate.p12 -inkey certificate.key -certfile certificate.crt -in certificate.crt

## Enter 123 as the export password

Originally from


Second, import the above certificate.p12 into Burp with password 123,
click Regenerate CA Certificate, and export it as certificate.der.

Your proxy interface needs to be set to Per Host.


Next, configure your Mac/PC instance.

Open Keychain on your Mac and drag the certificate.der file to the System tab.

Double-click it, choose Trust -> Always Trust, then close it.


Then check whether you can visit Google in Chrome with these certificate settings.


sudo cp certificate.crt /usr/share/ca-certificates/
sudo dpkg-reconfigure ca-certificates

Next, configure your Android app instance.

Then continue as follows:

*tested with Android 9

Or you may follow the steps right here:

openssl x509 -inform DER -in certificate.der -out certificate.pem
TEMP_NEW_FILE_NAME=$(openssl x509 -inform PEM -subject_hash_old -in certificate.pem |head -1)
mv certificate.pem $TEMP_NEW_FILE_NAME.0


adb connect
adb root
adb remount
adb push a900cbff.0 /sdcard/
adb shell mv /sdcard/a900cbff.0 /system/etc/security/cacerts/
adb shell chmod 644 /system/etc/security/cacerts/a900cbff.0
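
The adb commands above use the fixed name a900cbff.0, but the file name is the certificate's subject_hash_old value, so it changes with the certificate subject. An added example (not from the original post; the function name android_cacert_name and its arguments are assumptions) that derives the name from certificate.der and rejects input that is not a certificate or is about to expire:

```shell
#!/bin/sh
# Added example, not part of the original post.
# android_cacert_name DER_FILE [OUT_DIR]   (hypothetical helper name)
# Converts a DER certificate to PEM, stores it as <subject_hash_old>.0,
# the naming used in /system/etc/security/cacerts/, and prints the path.
android_cacert_name() {
    der=$1
    out_dir=${2:-.}

    [ -r "$der" ] || { echo "cannot read $der" >&2; return 1; }

    pem=$(mktemp) || return 1

    # Fail early if the input is not a DER-encoded X.509 certificate.
    if ! openssl x509 -inform DER -in "$der" -out "$pem" 2>/dev/null; then
        echo "$der is not a DER-encoded certificate" >&2
        rm -f "$pem"
        return 1
    fi

    # The post generates the CA with -days 365; refuse one that expires
    # within the next 24 hours instead of installing it.
    if ! openssl x509 -checkend 86400 -noout -in "$pem" >/dev/null; then
        echo "certificate in $der expires within 24 hours" >&2
        rm -f "$pem"
        return 1
    fi

    # -noout limits the output to the 8-hex-digit hash.
    subj_hash=$(openssl x509 -inform PEM -subject_hash_old -noout -in "$pem") || {
        rm -f "$pem"
        return 1
    }

    dest="$out_dir/$subj_hash.0"
    mv "$pem" "$dest" && chmod 644 "$dest" || return 1
    echo "$dest"
}

# When run next to Burp's export, print the file to push with adb.
if [ -f certificate.der ]; then
    android_cacert_name certificate.der .
fi
```

Use the printed file name in place of a900cbff.0 in the adb push, mv and chmod steps.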


Configure your Wi-Fi proxy,

and check the status in Chrome.


If it works, it should be something like this.

Make sure to save your project options!

Otherwise you need to do this again each time you restart your Burp session!!!!!