Summary

After this chapter, we can intercept SSL-enabled traffic for any website. While using SSL/TLS certificates is desirable in terms of security, it does pose a challenge when we wish to use an interception proxy, such as Burp, to test the website for flaws.

Burp provides a simple interface to set up SSL/TLS connections with minimal fuss. Once the root certificate authority (CA) is imported, every certificate that Burp generates and signs with that same root CA is accepted as valid by the browsers. With this configuration in place, we have covered everything we need to move on to the various tools of Burp Suite that make it so powerful for security testing applications that work over HTTP.
