Charles proxy fails on SSL Connect Method

Question

I have Android 4.3 forced to use Charles proxy via IPTABLES. The charles certificate is installed on the phone. I am able to capture normal SSL traffic like https websites in the browser. All POST and GET methods seem to work fine. In a particular app, it fails when using the SSL CONNECT method.

• URL: https://XX.XX.XXX.XXX/
• Status: Failed
• Failure: SSLHandshake: Received fatal alert: unknown_ca
• Response Code: - Protocol: HTTP/1.0
• Method: CONNECT

Answer 1

From iOS 10.3 you also need to go to Settings > General > About > Certificate Trust Settings and trust Charles certificate.

Answer 2

You can face with this problem at some applications like Facebook or Instagram. Charles certificate doesn't work at some new apps because they are using a technique named as SSL-PINNING. First of all you have to break ssl-pinning system of application or you can instal old version of application then it sometimes works but we need a new solution about ssl pinning in order to record traffic for this kind of applications.

Answer 3

as @Berkay Yıldız says, it probably using ssl/certificate pinning.

how to fix/avoid/disable ssl pinning?

the whole logic is:

LEVEL 1: for normal http： core logic：

• PC：Mac/Windows
  • Charles set http proxy
  • set port
• app use Charles proxy
  • inside Wifi, set
    • host IP
    • port

Note： computer side, MUST use wired network, NOT wireless, otherwise mobile side network not usable

LEVEL 2: for encrypted https：

• PC
  • install Charles root certificate
    • Mac：use Key Chain to trust Charles Root CA
  • Charles
    • Enable SSL Proxying
      • set location filter for your specific api address
• phone
  • app
    • install Charles Root CA
      • Note: type should select: VPN and Application
        • NOT select：WLAN
      • makesure certificate install successfully
        • Trusted Credentials -> User, can see installed Charles certificate

LEVEL 3: for SPECIAL https which using ssl pinning:

• Phone：
  • make sure root or jailbreak
    • Android：has rooted
      • for later to install tool: Xposed
    • iOS：has jail break
      • for later to install tool: Cydia
  • then install plugin/tool, capable of avoid/disable ssl pinning
    • Android：
      • JustTrustMe (based on Xposed)
      • Android-SSL-TrustKiller (Cydia Substrate)
    • iOS：
      • SSL Kill Switch 2 (based on Cydia)
        • old version：iOS SSL Kill Switch (based on Cydia)

---

more detailed summary please refer my post (written in Chinese): 1 and 2

Answer 4

Some folks my end up here with android N Devices that won't do SSL over charles even after installing the cert - now on http://chls.pro/ssl

In N - you need to also add an xml file and security config. This post goes into more details: How to get charles proxy work with Android 7 nougat?

Answer 5

I have met the same problem. And after installing the latest certificate, it is solved.

Answer 6

On your phone, visit http://charlesproxy.com/getssl to download the cert. Upon downloading the cert in android, it will prompt you to install the cert, give the cert a name and continue. It should now work.

Note: The sshould be similar on an iPhone

Answer 7

I got the following error when I was trying to install the cert on my Nexus 6p, Android 6.0. (I followed the instructions in charles and downloaded the cert via http://chls.pro/ssl.):

Couldn't install because the certificate file couldn't be read.

The solution to this problem was to install via: Settings > Security > Install from storage After navigating to the cert file and installing it everything worked as expected.

Answer 8

If you get this with an app using facebook login on an android phone, I got around it by uninstalling the fb app. Then the mobile fb web is used instead and I can charles everything. With the fb app installed the fb api fails with SSL error.

Answer 9

On Samsung phones, you should install the certificate by navigating to Biometrics and security/Other security settings/Install from device storage/CA Certificate.

Answer 10

On this link http://www.charlesproxy.com/documentation/using-charles/ssl-certificates/ you have all the information you need on properly installing the Charles certificate.

After installing it you'll get rid of the "SSLHandshake: Received fatal alert: unknown_ca" error.

Answer 11

I am using Charles 4.2.5 and Nexus 6P on Android 8.1.

One cannot use Charles to track https on my mobile phone.

Plz note that after Android N, we cannot capture normal SSL traffic of others'app.

Here is the official website of Charles. https://www.charlesproxy.com/documentation/using-charles/ssl-certificates/

Android As of Android N, you need to add configuration to your app in order to have it trust the SSL certificates generated by Charles SSL Proxying. This means that you can only use SSL Proxying with apps that you control.

In order to configure your app to trust Charles, you need to add a Network Security Configuration File to your app. This file can override the system default, enabling your app to trust user installed CA certificates (e.g. the Charles Root Certificate). You can specify that this only applies in debug builds of your application, so that production builds use the default trust profile.

Add a file res/xml/network_security_config.xml to your app:

Then add a reference to this file in your app's manifest, as follows:

...