Charles proxy doesn't work on my IOS device - ios

Here's what I did so far:
Install Charles on my mac
Connect mac and iPhone to same WiFi network
Charles->Proxy->SSL Proxy Settings. Enable for *
General->About->Certificate Trust Settings and enable full trust for the Charles Proxy certificate.
Charles->Help->Install Charles Root Certificate on a Mobile Device
Configure iPhone to proxy to IP provided in step 3.
And then when I try to go to safari on my Iphone I get a "connection lost" error and It's impossible to browse.
Any solutions ?
I'm on IOS 11.4

I used to have the same problem when SSL Proxying on iOS device then I changed to the following steps and it works:
Install Root Certificate on my mac
Configure Wifi Proxy on iOS device to Charles:
Server: 172.16.1.191
Port: 8888
Open Safari on iOS device:
Browse to chls.pro/ssl to download and install the certificate
Install Charles CA Certificate on your device:
iOS ≥ 10.3: Setting app > General > Profiles > Select Charles CA > Install
iOS ≥ 12.2: Setting app > Profiles Downloaded > Select Charles CA > Install
Trust Charles CA Certificate on your device:
Setting app > General > About > Certificate Trust Settings > Switch ON on Charles CA
Honestly, this is based on the iOS Setup Guide of an app named Proxyman. They have similar features like Charles but the UX is better I suppose. Anw, hope it helps :)

I had the same issue yesterday and spent a lot of time trying all possible solutions. But, what worked for me was restarting my router and do all these steps again.
Note: In case you are not able to download the certificate on your iOS device by going to Safari browser (chls.pro/ssl), you can download the certificate from the Charles app on your mac, save in local, then send it to your iOS device and install from there.
Path for the same in Charles app is - Help -> SSL Proxying -> Save Charles Root Certificate

Go to the Wifi setting, Configure Proxy under HTTP PROXY to Manual.
Provide the Server IP from Charles and Port to 8888.
Browse to chls.pro/ssl to download and install the certificate in your phone.

Refer to the answer here: Cannot see iOS simulator traffic with charles proxy
Ensure that ATS is present for debug builds.

Related

Swift - The certificate for this server is invalid

How can I fix this on iOS using Swift? When I'm making a server request I get the following error:
The certificate for this server is invalid. You might be connecting to a server that is pretending to be “...” which could put your confidential information at risk.
You just need to install the certificates on the iOS simulators
From Charles Documentation:
Quit your iOS Simulator. Launch Charles and go to the Help menu.
Choose the "SSL Proxying > Install Charles Root Certificate in iOS
Simulators" item. This will install your Charles Root Certificate into
all of your iOS Simulators. Now when you start the iOS Simulator, you
should be able to access SSL websites with Charles using SSL Proxyin
You are most probably trying to connect to server with self-signed ssl certificate. iOS does not like it.
Take a look at this post as an example: Swift SSL error with self signed certificate.
Other possible issue is a proxy configuration with something like Charles behind it.
More details will maybe help to identify the root of the issue...

Charles proxy doesn't work even after installing the root certificate on iphone device

Here's what I did so far:
1. Install Charles on my mac
2. Connect mac and iPhone to same WiFi network
3. Charles->Proxy->SSL Proxy Settings. Enable for *
4. Charles->Help->Install Charles Root Certificate on a Mobile Device
5. Configure iPhone to proxy to IP provided in step 3.
6. on iPhone, went to chls.pro/ssl and installed root certificate.
The iPhone web traffic shows in Charles, but is still ssl encrypted. What am I missing?
Go to General->About->Certificate Trust Settings and enable full trust for the Charles Proxy certificate.

Remove Charles SSL root certificate from iPhone Simulators

I installed Charles to debug HTTP communications on my iOS simulator. In the process in Charles I did: Menubar -> Help -> SSL Proxying -> Install Charles root certificate on iOS simulators.
Now I want to use the simulator normally but it only works if I have Charles running due to SSL failures. I tried reseting the simulator with: Menubar -> Simulator -> Reset content and settings... but it didn't help.
Is there a way to remove the installed Charles root certificate from the Simulators?
Hardware > Erase All Content and Settings..
Erase all settings and content from your simulator including Charles root cert.

Charles just shows unknown packages

I'm trying to analyse my Iphone traffic, I enabled the SSL proxy and set everything. The problem is.. I just got these unknown packs, I can't see anything, any clue??
Ensure you have trust settings enabled on your device.
Select 'Settings' > 'General' > 'About' > 'Certificate Trust Settings'
Enable the Charles Proxy certificate
Enable certificate
To install Charles root certificate on an Android emulator
Launch Charles from your Mac
Go to the Android settings on the emulator
Select Wifi
Select AndroidWifi network
Select the pencil icon in the upper-right-hand corner.
Select the "Advanced Options" accordion
Enable manual proxy settings (just like a physical device)
Navigate to chls.pro/ssl in the emulator's browser and install the root certificate (Keep it set to VPN)
Confirm the prompt from Charles that an external device is attempting to proxy using Charles
Charles is now configured.
To install Charles root certificate on an iOS simulator
Launch Charles from your Mac
Select Help > SSL Proxying > Save Charles Root Certificate
Drag & drop the saved certificate into an open simulator
In the simulator open Settings > General > About > Certificate Trust Settings
Ensure the certificate is trusted.
Restart the simulator.
Charles is now configured.
I got it, you just have to move the CA to the right path; it's not to the default path, you have to move to the "Trusted Folder" when installed.

How to use Charles Proxy on the Xcode 6 (iOS 8) Simulator?

It seems that the directory for the iOS Simulator has changed. It used to be in ~/Library/Application\ Support/iPhone\ Simulator/ and now it's in ~/Library/Developer/CoreSimulator/Devices/.
Update: Charles 3.9.3+ has a built-in function to configure your iOS Simulators (i.e. installing the Charles SSL Certificate). This can be found in the Help menu within the Charles application. (Help > SSL Proxying > Install Charles Root Certificate in iOS Simulators)
The following applies to Charles 3.9.2:
Download the configuration shell script from the Charles Proxy website. Then, replace the script with the following, and run it on your Mac:
#/bin/bash
install() {
if [ -f "$SQLITEDBPATH" ]; then
cp -n "$SQLITEDBPATH" "$SQLITEDBPATH.charlesbackup"
sqlite3 "$SQLITEDBPATH" <<EOF
INSERT INTO "tsettings" VALUES(X'189B6E28D1635F3A8325E1E002180DBA2C02C241',X'3123302106035504030C1A436861726C65732050726F78792053534C2050726F7879696E6731243022060355040B0C1B687474703A2F2F636861726C657370726F78792E636F6D2F73736C3111300F060355040A0C08584B3732204C74643111300F06035504070C084175636B6C616E643111300F06035504080C084175636B6C616E64310B3009060355040613024E5A',X'3C3F786D6C2076657273696F6E3D22312E302220656E636F64696E673D225554462D38223F3E0A3C21444F435459504520706C697374205055424C494320222D2F2F4170706C652F2F44544420504C49535420312E302F2F454E222022687474703A2F2F7777772E6170706C652E636F6D2F445444732F50726F70657274794C6973742D312E302E647464223E0A3C706C6973742076657273696F6E3D22312E30223E0A3C61727261792F3E0A3C2F706C6973743E0A',X'3082045E30820346A003020102020101300D06092A864886F70D01010505003081913123302106035504030C1A436861726C65732050726F78792053534C2050726F7879696E6731243022060355040B0C1B687474703A2F2F636861726C657370726F78792E636F6D2F73736C3111300F060355040A0C08584B3732204C74643111300F06035504070C084175636B6C616E643111300F06035504080C084175636B6C616E64310B3009060355040613024E5A3020180F31383939313233313132303030305A170D3338303932343033313930355A3081913123302106035504030C1A436861726C65732050726F78792053534C2050726F7879696E6731243022060355040B0C1B687474703A2F2F636861726C657370726F78792E636F6D2F73736C3111300F060355040A0C08584B3732204C74643111300F06035504070C084175636B6C616E643111300F06035504080C084175636B6C616E64310B3009060355040613024E5A30820122300D06092A864886F70D01010105000382010F003082010A02820101008349587455EFB272E397A31D3B52D9B13115C93F320766D2D451117F45C40285506027079ED439CABB94D44F1AE136EB1E79BF77ABE43345AD1D436809CF9E035C439272F3CA917DCADD7FBD0E3929F1A345F0B89096130BBD116F8D3AB5655789B7B0831325BD22903F198DA6BDDA30C08DFD17CE9AB51C48555264307BCF789A2B6C48DF4ECAF3EA2C092EE737AD8F397900AC03303BFE2AE43549030A7866CB6FE9B04B9F6EC498B4E7369E99B45491BF093858A77C72F8ADC818E018D413265E39446BE514F78EB57A23AA88F630776F861A9163E04AD38EE8A5C9219D0FC23F6B9A6324455DEA6F4A6A251ECA1FA3D6288CB89FD12A2062A3A015A56F250203010001A381BC3081B9300F0603551D130101FF040530030101FF307706096086480186F842010D046A136853534C2050726F7879696E6720697320656E61626C656420696E20436861726C65732050726F78792E20506C6561736520766973697420687474703A2F2F636861726C657370726F78792E636F6D2F73736C20666F72206D6F726520696E666F726D6174696F6E2E300E0603551D0F0101FF040403020204301D0603551D0E04160414BB27F4CB2EB6DBB058101BBD803F38D208D76129300D06092A864886F70D010105050003820101000041F935F30B209E56360F7E3D9C30314A213323C47EDCEA1467600A50FFE4E8E39DFCA8C8D34463C34745FF04C870F1DF28BB772DB0CF1BCA677B70842C742BC6D5FB00559AD643C6BF2C95BD0B855A961D7D6A3EADA9C642E9A789474C4AD838C6F732D8D859548D30829DF7A32D098FE3F00147DAF08C0B37DD597184C1E27A61EA42050C73994E809013CB21E37BF84BF923BCEFEA6164FD28AB9058CCC48F1F486FC1C47EBD8A9C933F542401B11F36A003E47B141A41C7B326D18D023E11EDB445699AA44800254EA33F174FD5EB1CCCE6A09365751FF905988C06315B5575067BF65EC24CAD1A6A601846D1D2F51F1F420A2762990B044000619D1C84');
EOF
fi
}
for SQLITEDBPATH in ~/Library/Developer/CoreSimulator/Devices/*/data/Library/Keychains/TrustStore.sqlite3; do
echo $SQLITEDBPATH
install
done
echo "The Charles SSL CA Certificate has been installed for the iPhone Simulator"
Some things to note:
you must open Charles before launching the simulator. If you close Charles, network requests will fail until you restart the simulator
you will need to do this every time you "Reset Content and Settings..." on the simulator
For Xcode 5: if you're looking to setup Charles Proxy on Xcode 5 and earlier, you don't need to modify the original script. Just download it from the Charles website and run it as-is
I just tested Charles over Xcode 7 / iOS9 simulator. Just a few pointers I want to add if you're having trouble:
Make sure "Enable Mac OS proxy" and "Use HTTP Proxy" are checked under
Charles' Proxy | Proxy Settings; and optionally check "Enable Mac OS X
proxy at startup" if you don't want to do this step every time you
start Charles.
If your Automatic Proxy Configuration (and/or Auto Proxy Discovery) is set in your System
Preferences | Network, you need to uncheck it lest Charles' Web
Proxy (HTTP) and Secure Web Proxy (HTTPS) will not take effect.
If your company requires proxy server independent of Charles, you
need to manually replicate the settings inside Charles lest they are overridden by Charles and you won't be able to access the internet. Make note of the proxy
URL and port numbers before starting Charles. Transcribe these Web
Proxy and Secure Web Proxy settings under Charles' Proxy | External
Proxy Settings.
"Enable SSL Proxying" and add your endpoint on the list, via Charles'
Proxy | SSL Proxying Settings.
"Install Charles Root Certificate in iOS Simulator" via Charles' Help
| SSL Proxying menu.
And yeah, make sure Charles is setup and started first before you
start the simulator.
Finally for now, disable ATS during development until we hear more
from Apple.
According to charles documentation
The iOS Simulator should use the system proxy settings. If it doesn't, please try quitting and restarting the iOS Simulator. As of Xcode 6 it appears to be important that Charles is running and set as the Mac OS X system proxy before you run the iOS Simulator.
Read Here
So just quit your simulator, open charles and then run the app again. After that you can track your network calls.
NOTE: Your network calls will fail if you quit Charles. So you will need to either quit the simulator and run it again or open Charles again.
Another way to do it is to browse to the certificate http://charlesproxy.com/charles.crt on the device
which will present you with the screen:
Update for iOS 9: You have to disable App Transport Security to use Charles!
http://www.charlesproxy.com/documentation/using-charles/ssl-certificates/
Steps for iOS simulator.
Install Charles - download
Charles Menu -> Proxy -> Enable Mac Proxy
Charles Menu -> Tools -> Proxy -> Proxy Settings -> MacOS -> Check all the check
boxes
Install Charles Certificate in iOS simulators
Charles Menu -> Help -> SSL Proxying -> Install Charles Ceritificate in iOS
Simulators
Enable Charles Certificate in iOS Simulators
iOS Simulators Setttings -> General -> About -> Certificate Trust Settings -> Switch
On
If traffic does not appear, Run Charles before simulator
Steps for iPhone/iPad.
Open desktop Charles app (Mac/Windows)
Goto Charles Menu -> Help -> SSL Proxying -> Install Charles Ceritificate on a Mobile device or Remote browser -> Select -> popup appear with below steps
`
Configure your device to use Charles as its HTTP Proxy on
192.168.0.100:8888, then browser to chls.pro/ssl to download and install the certificate.
Goto iPhone settings -> Wifi -> click selected wifi -> Http proxy -> Configure proxy -> select Manual -> Give server as 192.168.0.100 and port as 8888 -> Save
Goto iPhone browser -> Load chls.pro/ssl -> It will show below popup
`
The website is trying to download a configuration profile. Do you want to allow this?
Ignore button and Allow button
Click Allow button -> It will download the profile
Goto iPhone Settings -> General -> Profiles -> Downloaded Profile -> Select the Charles Proxy profile -> Install
Goto iPhone Settings -> General -> About -> Certificate Trust Settings -> Enable - Charles Proxy CA certificate
Now we can track the iPhone app calls in desktop Charles app
I didnt see the configuration shell script on that page. I did the following and it worked for me:
http://raptureinvenice.com/getting-the-charles-debugging-proxy-to-work-with-ios-and-genymotion/
Check this out:
As of Charles v3.9.3 there is an item in the Help menu, "Install
Charles CA SSL Certificate in iOS Simulators", which will
automatically install Charles's SSL CA certificate in your iOS
Simulators.
Alternatively, you can change your code so that NSURLConnection
accepts any SSL certificate. Please see the question and answer on
Stack Overflow:
How to use NSURLConnection to connect with SSL for an untrusted cert?
You can check it on this link: http://www.charlesproxy.com/documentation/faqs/ssl-connections-from-within-iphone-applications/
The 'Install Charles Root Certificate in iOS simulators' does not work in the current version of CharlesProxy (3.11) with Xcode 7 / iOS 9 simulators.
Instead, use the 'Install Charles Root Certificate on a Mobile Device or Remote Browser...' option. This will give you a url for the certificate.
If you open this url in Safari in the simulator, you will then be given the option to install the certificate.
You still then need to disable app transport security. I don't understand why this is necessary when you have the certificate installed; I guess CharlesProxy does not use sufficiently large keys/signatures.
Just (re)starting the Simulator after Charles starts fixed it for me.
For those who struggling with untrusted connections on Xcode 9 beta's simulators:
I don't know if install script works or not but you are able to install charles' cert in same way as on physical device - through Safari.
Last step that is needed (of course after installing certificate either through script or via Safari): Go to Simluator's settings -> general -> about -> Certificate trust settings -> Charles Proxy Custom Root... -> enable 💥
To me, this is what worked.
I did same thing as we do in device.
Open safari and browse chls.pro/ssl
Accept and install the certificate
Go to Settings/About/Trust certificates and trust the charles certificate.
I have to do this on 3 simulator instances, as XCUI automation testing can spin 3.
It works for me after go to safari (simulator) and visit the URL:
chls.pro/ssl
Before I had to Install charles root certificate in iOS simulators (Charles: help/SSLproxying)
regards

Resources