Error "server certificate change is restricted during renegotiation" on Burp Suite Free Edition v1.6

The following errors happened when I used Burp Suite Free Edition v1.6 with upstream proxy; [twitter:@anshuman_bh] posted an image of these errors. Thanks for @anshuman_bh and [twitter:@Burp_Suite], I have known solutions for the errors. And, I blogged this entry for someone who may face the errors.

Attempting to auto-select SSL parameters for 
Failed to auto-select SSL parameters for 
javax.net.SSLException: server certificate change is restricted during renegotiation
server certificate change is restricted during renegotiation

Solution

  • Use latest Burp Suite

Burp Suite v1.6.07 applied a workaround related to the errors by @Burp_Suite (tweet). If you use Burp Suite Free Edition, I use, you cannot update to date soon. Then you can do some workarounds.

Workarounds
  • Use Burp Suite without upstream proxy by @anshuman_bh (tweet)
  • Use Java 1.7_67 and earlier version; it is bad for security reason.
    • The errors happened with Java 1.7_71 .
    • I confirmed that it was not the errors Burp Suite with Java 1.7_67 .
  • Use Burp Suite with OWASP ZAP by [twitter:@604Wes] and [twitter:@adamruddermann] (tweet)
    • Burp Suite -> OWASP ZAP -> upstream proxy