Android

Enable SSL Proxy on Android

After launching Android 7 (API24) we need additional tweaks to allow SSL proxy

Firstly, we need to create (or update) file network_security_config.xml in xml folder:

<network-security-config>    
   <base-config>  
      <trust-anchors>
          <certificates src="system" />
          <certificates src="user" />
      </trust-anchors>
   </base-config>
</network-security-config>

But this code will allow MITM-hacking always. Instead of this, we can allow SSL proxy only at debug time:

<network-security-config>
   <debug-overrides>
      <trust-anchors>
         <certificates src="system" />
         <certificates src="user" />
      </trust-anchors>
   </debug-overrides>
</network-security-config>

Also we need to modify our AndroidManifest.xml by adding android:networkSecurityConfig=”@xml/network_security_config” to app configuration:

<application android:name=”AppName” 
 android:icon=”@mipmap/ic_launcher” 
 android:label=”@string/app_name”    
 android:networkSecurityConfig=”@xml/network_security_config”>

And last one: we need to add system certificate from proxy software (Charles, Fidler, etc.) into our Android device. Now we can see all requests/responses in real-time!

Leave a reply

Your email address will not be published. Required fields are marked *

You may also like

More in:Android