This tab contains settings for SSL negotiation, and client and server SSL certificates.
These settings control the SSL protocols that Burp will use when performing SSL negotiation with upstream servers.
Sometimes, you may have difficulty negotiating SSL connections with certain web servers. The Java SSL stack contains a few gremlins, and fails to work with certain unusual server configurations. To help you troubleshoot this problem, Burp lets you specify which protocols should be offered to servers during SSL negotiations.
Note that Burp itself implements a few workarounds for SSL issues, and if a negotiation fails with the protocols you have configured, Burp will still try some alternative combinations of protocols that often work. So you shouldn't use this feature as a method of testing which protocols are actually supported by the server.
Two other options are available:
This setting lets you configure a client SSL certificate (in PKCS12 format) that will be used whenever a destination HTTPS server requires client certificate authentication.
This information-only panel contains details of all X509 certificates received from web servers. Double-click an item in the table to display the full details of the certificate.
Get help from other users, at the Burp Suite User Forum:
This release fixes a bug which was introduced in the v1.5rc2 release, and which caused the active scan checks for XSS to fail to execute in some situations