Charles proxy fails on SSL Connect Method
- 2020-12-20
- 代理
Quoted from https://stackoverflow.com/a/52277209/13647950
as @Berkay Yıldız says, it probably using ssl/certificate pinning.
how to fix/avoid/disable ssl pinning?
the whole logic is:
LEVEL 1: for normal http: core logic:
- PC:Mac/Windows
- Charles set http proxy
- set port
- app use Charles proxy
- inside Wifi, set
- host IP
- port
- inside Wifi, set
Note: computer side, MUST use wired network, NOT wireless, otherwise mobile side network not usable
LEVEL 2: for encrypted https:
- PC
- install Charles root certificate
- Mac:use
Key Chainto trust Charles Root CA
- Mac:use
- Charles
Enable SSL Proxying- set location filter for your specific api address
- install Charles root certificate
- phone
- app
- install Charles Root CA
- Note: type should select:
VPN and Application- NOT select:WLAN
- makesure certificate install successfully
Trusted Credentials -> User, can see installed Charles certificate
- Note: type should select:
- install Charles Root CA
- app
LEVEL 3: for SPECIAL https which using ssl pinning:
- Phone:
- make sure root or jailbreak
- Android:has rooted
- for later to install tool: Xposed
- iOS:has jail break
- for later to install tool: Cydia
- Android:has rooted
- then install plugin/tool, capable of avoid/disable ssl pinning
- Android:
- JustTrustMe (based on Xposed)
- Android-SSL-TrustKiller (Cydia Substrate)
- iOS:
- SSL Kill Switch 2 (based on Cydia)
- old version:iOS SSL Kill Switch (based on Cydia)
- SSL Kill Switch 2 (based on Cydia)
- Android:
- make sure root or jailbreak