Fire Fox: Not Able to Access SSL Website while Intercepting MOZILLA_PKIX_ERROR_MITM_DETECTED,

-
I got this error on almost all sites which using HTTPS. 

Fig : 1 Error On firefox 
Example below for a search on google.we are accessing the google website an we intercept the traffic using a TLS proxy ,we got following error: 

#################################################################################

The owner of www.google.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.
This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox may only connect to it securely. As a result, it is not possible to add an exception for this certificate.
Peer’s Certificate issuer is not recognized.
HTTP Strict Transport Security: false HTTP Public Key Pinning: true
Certificate chain:
BEGIN CERTIFICATE-----
MIIEHjCCAwagAwIBAgIIOWEMKAAAAAAwDQYJKoZIhvcNAQELBQAwgd0xCzAJBgNV BAYTAkdCMQ8wDQYDVQQIEwZMb25kb24xDzANBgNVBAcTBkxvbmRvbjEfMB0GA1UE ChMWUm95YWwgQmFuayBvZiBTY290bGFuZDElMCMGA1UECxMcRGlnaXRhbCBFbmdp bmVlcmluZyBTZXJ2aWNlczEgMB4GA1UEAxYXbG9uYnAwMDAwMV9sb25kb25fcHJv eHkxQjBABgkqhkiG9w0BCQEWMypDSUJEVEVTZUNvbW1lcmNlSW5mcmFzdHJ1Y3R1 cmVQcm94eVN1cHBvcnRAcmJzLmNvbTAeFw0xODAxMTAwOTM5MDBaFw0xODA0MDQw OTM5MDBaMGgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYD VQQHDA1Nb3VudGFpbiBWaWV3MRMwEQYDVQQKDApHb29nbGUgSW5jMRcwFQYDVQQD DA53d3cuZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB ANzxGbWp0Mp36H55zzgvvrG5ZDNjDCDUxIK1TmZabRlZmzhtPtv5Flm2ttE2P78o xJSa6lw3j79pFoKxQ+RdIa4wqmXRa6pEkfZoj7pfI7+AVs60Cis3aALvc+7VUXVe zXi/5gluujqkQzKR3M3kXAilNMRQsmiCDMPQHLO9U3Xd4Z17L8cT2s76Fx8Jtshg 54bqrGhsjsvowBvlBteCvIVIXVb6nj4Mzhe0z3S4B48UKDX2luD+I9GGO5e2//g1 2jrgUCw8I44LQ3Nr60Ma/fs5lo4slMTO7QuSIM94BOWwk8u0LuFfAt1gwzj6zXvC gybXOpVW0UCP061xdBkUYjkCAwEAAaNWMFQwCQYDVR0TBAIwADALBgNVHQ8EBAMC BeAwHwYDVR0jBBgwFoAUA1X1VxIsZaIBded+fqBKhmrhfjEwGQYDVR0RBBIwEIIO d3d3Lmdvb2dsZS5jb20wDQYJKoZIhvcNAQELBQADggEBAIlNadiUw9GTbvtAp7r2 osyCHIYx6ca8sH+atUU2lBh2+Cg14H/Senj722KqRX2S66ovx/vj8NJdO9NIM1Lw zdiTM0Aad0HMces+JWYO0LHmnb9O8UPQVP+cOI7qSB3qTgp+u10Cp42xQOuG2mbF frMUiSIr58VpB9zIvnEmbyIQgUJldbNngAdNdo5WEF/EUpxCMnlJt5K+9DS+/KOP J54akXfKKGU8/RV4w6P3W40n3l0mJ6eyAB4x9nDqWorvDZjP80JRev07tz0i85Iq 18ySO6qiMRi+tIYOQO7nOjS1xm7P48mQZp9AJ4kXN4nSkgDzQPEBzFc+sxv17PHo Cpw=
END CERTIFICATE-----
#########################################################################

SOLUTION : 

Step 1:Get the certificate from third party website e.g. "Burp Suite"
Fig 2: Burp Certificate Access"http://burp "


Fig 3: Burp Certificate Export 
Step 2: Access Firefox, Go to "OPTION" --> Search for "Certificates" --> Click on "View Certificate"
Fig 4: Firefox Certificate Option  

Step 3: certificate manager will open and you will find many certificate already install with your Firefox 

Step 4: Now Click on "Import" and locate the Burp Certificate  to install 

and make sure you check following option here :
  • Trust this CA to identify website 
  • Trust this CA to identify email users 

Step 5: Click OK and Restart firefox ...Enjoy and dont forget to make comment below 😅😁😁

Comments

Post a Comment

Popular posts from this blog

ENABLE SSH ON KALI LINUX

-
Image
Kali Linux does not come with SSH enabled. SSH is the preferred method of remote management for most Linux based systems.  Secure Shell  ( SSH ) is a cryptographic network protocol for secure data communication, remote command-line login, remote command execution, and other secure network services between two networked computers. It connects, via a secure channel over an insecure network, a server and a client running SSH server and SSH client programs. 1) Install OpenSSH Server The first step is to go the terminal window and install OpenSSH Server. You do this by typing the following command in the terminal window: root@kali~:# apt-get install openssh-server 2) Configure SSH to run on persistently. In other words survive a reboot. a)  First we need to remove run levels for SSH by issuing the command: root@kali~:# update-rc.d -f ssh remove b)  Now we need load the default ...
Read more

Due Care And Due Diligence

-
Due Care And Due Diligence  Due Diligence  Due diligence is conducting requisite actions to determine necessary safeguards required and making prudent business decisions based on the data gathered.  Taking due diligence could include items such as conducting a Risk Assessment, conducting pre-employment background checks and even reading thorough Service Level Agreements with contractors.  Generalizing, Due Diligence means identifying the necessary actions to take. Due Care Due Care is the ongoing process of conducting prudent practices as required to maintain the system in compliance with the processes identified and deemed necessary by due diligence.  Examples of Due Care would be upholding the terms of your Service Level Agreement, conducting daily backups, and checking logs to ensure no malicious activity is present.  Generalizing, Due Care means taking the necessary actions discovered from doing Due diligence. How do These Ter...
Read more