Charles Ssl Proxy

broken image


This modual focuses on the installation of Charles root certificate in order to view SSL 443 responses. Thru Firewall, Install on Windows 10 and Google Chro. Note: As of Android N, there is a need to add network security configuration in native application in order to trust the SSL certificates generated by Charles SSL Proxying. That configuration has been added to Hybrid Client 7.41.

  1. Charles Ssl Proxying Enabled For This Host
  2. Charles Ssl Proxy Android
  3. Charles Proxy Server

What is Charles Proxy?

Charles Proxy sits between your app and the Internet. All networking requests and responses will be passed through Charles Proxy, so you'll be able to inspect and even change data midstream to test how your app responds.

Charles Ssl Proxy

Installation

Go to Charles Proxy Download page and follow instructions to download and install it on your computer.

Configuring Charles Proxy

In order for any browser (or any application) to use Charles, it must be configured to use Charles as its proxy server.

Windows Proxy Settings

Make sure 'Windows Proxy' is checked and 'Mozilla Firefox Proxy' is not checked under the Proxy menu item.

Mac OS Proxy Settings

Make sure 'macOS Proxy' is checked and 'Mozilla Firefox Proxy' is not checked under the Proxy menu item.

SSL Certificates

The following instructions are for different browsers to help you trust your Charles Root Certificate so you wouldn't see certificate warnings.

Windows / Internet Explorer

In Charles go to the Help menu and choose 'SSL Proxying > Install Charles Root Certificate'. A window will appear warning you that the CA Root certificate is not trusted.

Click the 'Install Certificate' button to launch the Certificate Import Wizard. The certificate must be imported into the 'Trusted Root Certification Authorities' certificate store, so override the automatic certificate store selection.

Complete the wizard and your Charles Root Certificate is now installed. You may need to restart IE before the installation takes affect.

Mozilla Firefox

First, ensure that Firefox is connected to Charles. You should see browsing from Firefox being recorded in Charles.

Visit https://chls.pro/ssl in Firefox. You will be presented with a certificate import dialog. Tick the option 'Trust this CA to identify websites' and complete the import.

macOS

In Charles go to the Help menu and choose 'SSL Proxying > Install Charles Root Certificate'. Keychain Access will open. Find the 'Charles Proxy...' entry, and double-click to get info on it. Expand the 'Trust' section, and besides 'When using this certificate' change it from 'Use System Defaults' to 'Always Trust'. Then close the certificate info window, and you will be prompted for your Administrator password to update the system trust settings.

You may need to quit and reopen Safari to see the change.

Google Chrome

On macOS, please follow the instructions for the macOS above. These instructions only apply to Windows.

  1. In Charles go to the Help menu and choose 'SSL Proxying > Save Charles Root Certificate'. Save the root certificate as a Binary Certificate (.cer) to your desktop, or somewhere where you can easily access it in the next step.
  2. In Chrome, open the Settings. At the bottom of the settings page, click 'Advanced' to open the advanced section, then click the 'Manage certificates…' button.
  3. Go to the 'Trusted Root Certification Authorities' tab and click 'Import…'.
  4. Find the certificate file you saved from Charles in the previous step, then click Next and Finish, leaving the default options, until you complete the import. Chrome will now always trust certificates signed by Charles.
  5. After importing you can delete the certificate file that you saved.

Capturing logs

To start or stop recording click on the corresponding toolbar icon or under Proxy menu item with 'Start Recording' and 'Stop Recording' actions. Once started you can use any browser to go to youtube.com for example and search for 'Testlio' to get some traffic to appear.

Saving logs

Once you've stopped recording you can save your session by choosing File > Save Session.

When integrating features in your app that communicate over the internet, you may need to view SSL/HTTPS traffic for various reasons. For example, if you are implementing analytics in your app and notice data discrepancies with your analytics provider, you could inspect the exact data that is being sent to/from your app to isolate if the root cause of the discrepancy originates from the app. Analytics data is typically encrypted, therefore you need a mechanism to view the encrypted data in plain text to effectively troubleshoot.
With proxy support on Fire TV and using a popular proxy tool such as Charles Proxy, you can set up your Fire TV environment to view SSL/HTTPS traffic in plain text.

Prerequisites:

  • Fire OS 6
    • Fire TV (Gen 3)
    • Fire TV Cube
    • Fire TV Edition Toshiba
    • Fire TV Edition Insignia
    • Fire TV Stick 4K
  • Charles Proxy, with SSL proxy support configured

Charles Ssl Proxying Enabled For This Host

1. Setting a proxy on Fire TV

  1. Bring up the Developer Tools Menu by one of the following two ways:
    1. Remote: 1) Press and hold the Select and Down buttons for five seconds release and then 2) Press the menu button
    2. ADB: adb shell am start -n com.amazon.ssm/.ControlPanel
  2. Select Network Proxy
    1. Select Manual
    2. Enter your Charles proxy IP address
    3. Enter your Charles proxy port
    4. Click Save

Developer Tools Menu - Network Proxy


Network Proxy - Enter Proxy information

Charles

Installation

Go to Charles Proxy Download page and follow instructions to download and install it on your computer.

Configuring Charles Proxy

In order for any browser (or any application) to use Charles, it must be configured to use Charles as its proxy server.

Windows Proxy Settings

Make sure 'Windows Proxy' is checked and 'Mozilla Firefox Proxy' is not checked under the Proxy menu item.

Mac OS Proxy Settings

Make sure 'macOS Proxy' is checked and 'Mozilla Firefox Proxy' is not checked under the Proxy menu item.

SSL Certificates

The following instructions are for different browsers to help you trust your Charles Root Certificate so you wouldn't see certificate warnings.

Windows / Internet Explorer

In Charles go to the Help menu and choose 'SSL Proxying > Install Charles Root Certificate'. A window will appear warning you that the CA Root certificate is not trusted.

Click the 'Install Certificate' button to launch the Certificate Import Wizard. The certificate must be imported into the 'Trusted Root Certification Authorities' certificate store, so override the automatic certificate store selection.

Complete the wizard and your Charles Root Certificate is now installed. You may need to restart IE before the installation takes affect.

Mozilla Firefox

First, ensure that Firefox is connected to Charles. You should see browsing from Firefox being recorded in Charles.

Visit https://chls.pro/ssl in Firefox. You will be presented with a certificate import dialog. Tick the option 'Trust this CA to identify websites' and complete the import.

macOS

In Charles go to the Help menu and choose 'SSL Proxying > Install Charles Root Certificate'. Keychain Access will open. Find the 'Charles Proxy...' entry, and double-click to get info on it. Expand the 'Trust' section, and besides 'When using this certificate' change it from 'Use System Defaults' to 'Always Trust'. Then close the certificate info window, and you will be prompted for your Administrator password to update the system trust settings.

You may need to quit and reopen Safari to see the change.

Google Chrome

On macOS, please follow the instructions for the macOS above. These instructions only apply to Windows.

  1. In Charles go to the Help menu and choose 'SSL Proxying > Save Charles Root Certificate'. Save the root certificate as a Binary Certificate (.cer) to your desktop, or somewhere where you can easily access it in the next step.
  2. In Chrome, open the Settings. At the bottom of the settings page, click 'Advanced' to open the advanced section, then click the 'Manage certificates…' button.
  3. Go to the 'Trusted Root Certification Authorities' tab and click 'Import…'.
  4. Find the certificate file you saved from Charles in the previous step, then click Next and Finish, leaving the default options, until you complete the import. Chrome will now always trust certificates signed by Charles.
  5. After importing you can delete the certificate file that you saved.

Capturing logs

To start or stop recording click on the corresponding toolbar icon or under Proxy menu item with 'Start Recording' and 'Stop Recording' actions. Once started you can use any browser to go to youtube.com for example and search for 'Testlio' to get some traffic to appear.

Saving logs

Once you've stopped recording you can save your session by choosing File > Save Session.

When integrating features in your app that communicate over the internet, you may need to view SSL/HTTPS traffic for various reasons. For example, if you are implementing analytics in your app and notice data discrepancies with your analytics provider, you could inspect the exact data that is being sent to/from your app to isolate if the root cause of the discrepancy originates from the app. Analytics data is typically encrypted, therefore you need a mechanism to view the encrypted data in plain text to effectively troubleshoot.
With proxy support on Fire TV and using a popular proxy tool such as Charles Proxy, you can set up your Fire TV environment to view SSL/HTTPS traffic in plain text.

Prerequisites:

  • Fire OS 6
    • Fire TV (Gen 3)
    • Fire TV Cube
    • Fire TV Edition Toshiba
    • Fire TV Edition Insignia
    • Fire TV Stick 4K
  • Charles Proxy, with SSL proxy support configured

Charles Ssl Proxying Enabled For This Host

1. Setting a proxy on Fire TV

  1. Bring up the Developer Tools Menu by one of the following two ways:
    1. Remote: 1) Press and hold the Select and Down buttons for five seconds release and then 2) Press the menu button
    2. ADB: adb shell am start -n com.amazon.ssm/.ControlPanel
  2. Select Network Proxy
    1. Select Manual
    2. Enter your Charles proxy IP address
    3. Enter your Charles proxy port
    4. Click Save

Developer Tools Menu - Network Proxy


Network Proxy - Enter Proxy information


2. Embed the Charles Root Certificate in your app

  1. Add this file to your app, with the following contents: res/xml/network_security_config.xml
  2. Add the Charles root certificate, in PEM (or DER) format, to res/raw/my_ca
    1. Charles Proxy > Help > SSL Proxying > Save Charles Root Certificate...
    2. Rename the saved file to my_ca and copy the file to res/raw

Charles Ssl Proxy Android

3. Build your app and check Charles Proxy

Charles Proxy Server

References:





broken image
PreviousNext
Cookie Use
We use cookies to improve browsing experience, security, and data collection. By accepting, you agree to the use of cookies for advertising and analytics. You can change your cookie settings at any time. Learn More
Accept all
Settings
Decline All
Cookie Settings
Necessary Cookies
These cookies enable core functionality such as security, network management, and accessibility. These cookies can’t be switched off.
Analytics Cookies
These cookies help us better understand how visitors interact with our website and help us discover errors.
Preferences Cookies
These cookies allow the website to remember choices you've made to provide enhanced functionality and personalization.
Save