By Marone: December 2017
| last update: December 2019
In a previous post tracing messages
i used tcpmon tool to monitor soap messages between client and server,
With tcpmon i could tracing soap and as well rest services but only with http protocol.
Now i want to trace a spring boot rest services that use HTTPS
protocol, after searching in web i found Burp Suite
. So im going to introduce
how to use this tool
Download Burp Suite Community Edition as JAR file from here
Start Burp Suite
java -jar -Xmx512m burpsuite_community_v1.7.30.jar
If everything ist working a Wizard will appear, then just click
i accept -> Next -> Start Burp
after a few second you will see the project Wizard
Config Burp / Change Porxy listener port
Because in most cases the port 8080
is in use, so we will change the listener port to 18090
Get Burp CA Certificate
In Order to deal with HTTPS, you have to import the Burp CA Certificate to your browser.Hit the url http://burp
and then click CA Certificate
and save the certificate
Import Burp Certificate to Firefox
Open FireFox, hit about:preferences#privacy
under certificates click View Certificates
and Select the "Authorities"
Click "Import", select the Burp CA certificate file that you saved before and click Open
In the next wizard, check the box Trust this CA to identify web sites
and click "OK"
Pass traffic through Burp
In order to pass all HTTP and HTTPS traffic from your browser through Burp, you need to configure your browser to work with it.
Go to FireFox
Open menu -> Options
under Network Proxy select Settings
, it should look like below. At last click
in browser and switch to Burp Suite GUI.