Hacker News
by thaumasiotes 2585 days ago
I'm answering based mostly on having read that link. It looks like the protection applies only in the case where an error is being surfaced. The problem Chrome wants to address is that users will click past the SECURITY ALERT.

If you properly configure your own CA, then the TLS error triggering this behavior won't occur, and there is no security problem for Chrome to put its foot down on -- your proxy is providing a valid certificate for whatever domain, as far as Chrome is concerned, not an invalid one.

Compare https://support.portswigger.net/customer/portal/articles/178... .

> The Chrome browser picks up the certificate trust store from your host computer. By installing Burp's CA certificate in your computer’s built-in browser (e.g. Internet Explorer on Windows, or Safari on OS X), Chrome will automatically make use of the certificate.

> When the Burp CA certificate has been installed for your built-in browser, restart Chrome and you should be able to visit any HTTPS URL via Burp without any security warnings.

1 comments

Thanks. This is something I've got some plans on.