How can I fix this on iOS using Swift? When I'm making a server request I get the following error:
The certificate for this server is invalid. You might be connecting to a server that is pretending to be “...” which could put your confidential information at risk.
You just need to install the certificates on the iOS simulators
From Charles Documentation:
Quit your iOS Simulator. Launch Charles and go to the Help menu.
Choose the "SSL Proxying > Install Charles Root Certificate in iOS
Simulators" item. This will install your Charles Root Certificate into
all of your iOS Simulators. Now when you start the iOS Simulator, you
should be able to access SSL websites with Charles using SSL Proxyin
You are most probably trying to connect to server with self-signed ssl certificate. iOS does not like it.
Take a look at this post as an example: Swift SSL error with self signed certificate.
Other possible issue is a proxy configuration with something like Charles behind it.
More details will maybe help to identify the root of the issue...
Here's what I did so far:
1. Install Charles on my mac
2. Connect mac and iPhone to same WiFi network
3. Charles->Proxy->SSL Proxy Settings. Enable for *
4. Charles->Help->Install Charles Root Certificate on a Mobile Device
5. Configure iPhone to proxy to IP provided in step 3.
6. on iPhone, went to chls.pro/ssl and installed root certificate.
The iPhone web traffic shows in Charles, but is still ssl encrypted. What am I missing?
Go to General->About->Certificate Trust Settings and enable full trust for the Charles Proxy certificate.
I installed Charles to debug HTTP communications on my iOS simulator. In the process in Charles I did: Menubar -> Help -> SSL Proxying -> Install Charles root certificate on iOS simulators.
Now I want to use the simulator normally but it only works if I have Charles running due to SSL failures. I tried reseting the simulator with: Menubar -> Simulator -> Reset content and settings... but it didn't help.
Is there a way to remove the installed Charles root certificate from the Simulators?
Hardware > Erase All Content and Settings..
Erase all settings and content from your simulator including Charles root cert.
I'm trying to analyse my Iphone traffic, I enabled the SSL proxy and set everything. The problem is.. I just got these unknown packs, I can't see anything, any clue??
Ensure you have trust settings enabled on your device.
Select 'Settings' > 'General' > 'About' > 'Certificate Trust Settings'
Enable the Charles Proxy certificate
Enable certificate
To install Charles root certificate on an Android emulator
Launch Charles from your Mac
Go to the Android settings on the emulator
Select Wifi
Select AndroidWifi network
Select the pencil icon in the upper-right-hand corner.
Select the "Advanced Options" accordion
Enable manual proxy settings (just like a physical device)
Navigate to chls.pro/ssl in the emulator's browser and install the root certificate (Keep it set to VPN)
Confirm the prompt from Charles that an external device is attempting to proxy using Charles
Charles is now configured.
To install Charles root certificate on an iOS simulator
Launch Charles from your Mac
Select Help > SSL Proxying > Save Charles Root Certificate
Drag & drop the saved certificate into an open simulator
In the simulator open Settings > General > About > Certificate Trust Settings
Ensure the certificate is trusted.
Restart the simulator.
Charles is now configured.
I got it, you just have to move the CA to the right path; it's not to the default path, you have to move to the "Trusted Folder" when installed.
It seems that the directory for the iOS Simulator has changed. It used to be in ~/Library/Application\ Support/iPhone\ Simulator/ and now it's in ~/Library/Developer/CoreSimulator/Devices/.
Update: Charles 3.9.3+ has a built-in function to configure your iOS Simulators (i.e. installing the Charles SSL Certificate). This can be found in the Help menu within the Charles application. (Help > SSL Proxying > Install Charles Root Certificate in iOS Simulators)
The following applies to Charles 3.9.2:
Download the configuration shell script from the Charles Proxy website. Then, replace the script with the following, and run it on your Mac:
#/bin/bash
install() {
if [ -f "$SQLITEDBPATH" ]; then
cp -n "$SQLITEDBPATH" "$SQLITEDBPATH.charlesbackup"
sqlite3 "$SQLITEDBPATH" <<EOF
INSERT INTO "tsettings" VALUES(X'189B6E28D1635F3A8325E1E002180DBA2C02C241',X'3123302106035504030C1A436861726C65732050726F78792053534C2050726F7879696E6731243022060355040B0C1B687474703A2F2F636861726C657370726F78792E636F6D2F73736C3111300F060355040A0C08584B3732204C74643111300F06035504070C084175636B6C616E643111300F06035504080C084175636B6C616E64310B3009060355040613024E5A',X'3C3F786D6C2076657273696F6E3D22312E302220656E636F64696E673D225554462D38223F3E0A3C21444F435459504520706C697374205055424C494320222D2F2F4170706C652F2F44544420504C49535420312E302F2F454E222022687474703A2F2F7777772E6170706C652E636F6D2F445444732F50726F70657274794C6973742D312E302E647464223E0A3C706C6973742076657273696F6E3D22312E30223E0A3C61727261792F3E0A3C2F706C6973743E0A',X'3082045E30820346A003020102020101300D06092A864886F70D01010505003081913123302106035504030C1A436861726C65732050726F78792053534C2050726F7879696E6731243022060355040B0C1B687474703A2F2F636861726C657370726F78792E636F6D2F73736C3111300F060355040A0C08584B3732204C74643111300F06035504070C084175636B6C616E643111300F06035504080C084175636B6C616E64310B3009060355040613024E5A3020180F31383939313233313132303030305A170D3338303932343033313930355A3081913123302106035504030C1A436861726C65732050726F78792053534C2050726F7879696E6731243022060355040B0C1B687474703A2F2F636861726C657370726F78792E636F6D2F73736C3111300F060355040A0C08584B3732204C74643111300F06035504070C084175636B6C616E643111300F06035504080C084175636B6C616E64310B3009060355040613024E5A30820122300D06092A864886F70D01010105000382010F003082010A02820101008349587455EFB272E397A31D3B52D9B13115C93F320766D2D451117F45C40285506027079ED439CABB94D44F1AE136EB1E79BF77ABE43345AD1D436809CF9E035C439272F3CA917DCADD7FBD0E3929F1A345F0B89096130BBD116F8D3AB5655789B7B0831325BD22903F198DA6BDDA30C08DFD17CE9AB51C48555264307BCF789A2B6C48DF4ECAF3EA2C092EE737AD8F397900AC03303BFE2AE43549030A7866CB6FE9B04B9F6EC498B4E7369E99B45491BF093858A77C72F8ADC818E018D413265E39446BE514F78EB57A23AA88F630776F861A9163E04AD38EE8A5C9219D0FC23F6B9A6324455DEA6F4A6A251ECA1FA3D6288CB89FD12A2062A3A015A56F250203010001A381BC3081B9300F0603551D130101FF040530030101FF307706096086480186F842010D046A136853534C2050726F7879696E6720697320656E61626C656420696E20436861726C65732050726F78792E20506C6561736520766973697420687474703A2F2F636861726C657370726F78792E636F6D2F73736C20666F72206D6F726520696E666F726D6174696F6E2E300E0603551D0F0101FF040403020204301D0603551D0E04160414BB27F4CB2EB6DBB058101BBD803F38D208D76129300D06092A864886F70D010105050003820101000041F935F30B209E56360F7E3D9C30314A213323C47EDCEA1467600A50FFE4E8E39DFCA8C8D34463C34745FF04C870F1DF28BB772DB0CF1BCA677B70842C742BC6D5FB00559AD643C6BF2C95BD0B855A961D7D6A3EADA9C642E9A789474C4AD838C6F732D8D859548D30829DF7A32D098FE3F00147DAF08C0B37DD597184C1E27A61EA42050C73994E809013CB21E37BF84BF923BCEFEA6164FD28AB9058CCC48F1F486FC1C47EBD8A9C933F542401B11F36A003E47B141A41C7B326D18D023E11EDB445699AA44800254EA33F174FD5EB1CCCE6A09365751FF905988C06315B5575067BF65EC24CAD1A6A601846D1D2F51F1F420A2762990B044000619D1C84');
EOF
fi
}
for SQLITEDBPATH in ~/Library/Developer/CoreSimulator/Devices/*/data/Library/Keychains/TrustStore.sqlite3; do
echo $SQLITEDBPATH
install
done
echo "The Charles SSL CA Certificate has been installed for the iPhone Simulator"
Some things to note:
you must open Charles before launching the simulator. If you close Charles, network requests will fail until you restart the simulator
you will need to do this every time you "Reset Content and Settings..." on the simulator
For Xcode 5: if you're looking to setup Charles Proxy on Xcode 5 and earlier, you don't need to modify the original script. Just download it from the Charles website and run it as-is
I just tested Charles over Xcode 7 / iOS9 simulator. Just a few pointers I want to add if you're having trouble:
Make sure "Enable Mac OS proxy" and "Use HTTP Proxy" are checked under
Charles' Proxy | Proxy Settings; and optionally check "Enable Mac OS X
proxy at startup" if you don't want to do this step every time you
start Charles.
If your Automatic Proxy Configuration (and/or Auto Proxy Discovery) is set in your System
Preferences | Network, you need to uncheck it lest Charles' Web
Proxy (HTTP) and Secure Web Proxy (HTTPS) will not take effect.
If your company requires proxy server independent of Charles, you
need to manually replicate the settings inside Charles lest they are overridden by Charles and you won't be able to access the internet. Make note of the proxy
URL and port numbers before starting Charles. Transcribe these Web
Proxy and Secure Web Proxy settings under Charles' Proxy | External
Proxy Settings.
"Enable SSL Proxying" and add your endpoint on the list, via Charles'
Proxy | SSL Proxying Settings.
"Install Charles Root Certificate in iOS Simulator" via Charles' Help
| SSL Proxying menu.
And yeah, make sure Charles is setup and started first before you
start the simulator.
Finally for now, disable ATS during development until we hear more
from Apple.
According to charles documentation
The iOS Simulator should use the system proxy settings. If it doesn't, please try quitting and restarting the iOS Simulator. As of Xcode 6 it appears to be important that Charles is running and set as the Mac OS X system proxy before you run the iOS Simulator.
Read Here
So just quit your simulator, open charles and then run the app again. After that you can track your network calls.
NOTE: Your network calls will fail if you quit Charles. So you will need to either quit the simulator and run it again or open Charles again.
Another way to do it is to browse to the certificate http://charlesproxy.com/charles.crt on the device
which will present you with the screen:
Update for iOS 9: You have to disable App Transport Security to use Charles!
http://www.charlesproxy.com/documentation/using-charles/ssl-certificates/
Steps for iOS simulator.
Install Charles - download
Charles Menu -> Proxy -> Enable Mac Proxy
Charles Menu -> Tools -> Proxy -> Proxy Settings -> MacOS -> Check all the check
boxes
Install Charles Certificate in iOS simulators
Charles Menu -> Help -> SSL Proxying -> Install Charles Ceritificate in iOS
Simulators
Enable Charles Certificate in iOS Simulators
iOS Simulators Setttings -> General -> About -> Certificate Trust Settings -> Switch
On
If traffic does not appear, Run Charles before simulator
Steps for iPhone/iPad.
Open desktop Charles app (Mac/Windows)
Goto Charles Menu -> Help -> SSL Proxying -> Install Charles Ceritificate on a Mobile device or Remote browser -> Select -> popup appear with below steps
`
Configure your device to use Charles as its HTTP Proxy on
192.168.0.100:8888, then browser to chls.pro/ssl to download and install the certificate.
Goto iPhone settings -> Wifi -> click selected wifi -> Http proxy -> Configure proxy -> select Manual -> Give server as 192.168.0.100 and port as 8888 -> Save
Goto iPhone browser -> Load chls.pro/ssl -> It will show below popup
`
The website is trying to download a configuration profile. Do you want to allow this?
Ignore button and Allow button
Click Allow button -> It will download the profile
Goto iPhone Settings -> General -> Profiles -> Downloaded Profile -> Select the Charles Proxy profile -> Install
Goto iPhone Settings -> General -> About -> Certificate Trust Settings -> Enable - Charles Proxy CA certificate
Now we can track the iPhone app calls in desktop Charles app
I didnt see the configuration shell script on that page. I did the following and it worked for me:
http://raptureinvenice.com/getting-the-charles-debugging-proxy-to-work-with-ios-and-genymotion/
Check this out:
As of Charles v3.9.3 there is an item in the Help menu, "Install
Charles CA SSL Certificate in iOS Simulators", which will
automatically install Charles's SSL CA certificate in your iOS
Simulators.
Alternatively, you can change your code so that NSURLConnection
accepts any SSL certificate. Please see the question and answer on
Stack Overflow:
How to use NSURLConnection to connect with SSL for an untrusted cert?
You can check it on this link: http://www.charlesproxy.com/documentation/faqs/ssl-connections-from-within-iphone-applications/
The 'Install Charles Root Certificate in iOS simulators' does not work in the current version of CharlesProxy (3.11) with Xcode 7 / iOS 9 simulators.
Instead, use the 'Install Charles Root Certificate on a Mobile Device or Remote Browser...' option. This will give you a url for the certificate.
If you open this url in Safari in the simulator, you will then be given the option to install the certificate.
You still then need to disable app transport security. I don't understand why this is necessary when you have the certificate installed; I guess CharlesProxy does not use sufficiently large keys/signatures.
Just (re)starting the Simulator after Charles starts fixed it for me.
For those who struggling with untrusted connections on Xcode 9 beta's simulators:
I don't know if install script works or not but you are able to install charles' cert in same way as on physical device - through Safari.
Last step that is needed (of course after installing certificate either through script or via Safari): Go to Simluator's settings -> general -> about -> Certificate trust settings -> Charles Proxy Custom Root... -> enable 💥
To me, this is what worked.
I did same thing as we do in device.
Open safari and browse chls.pro/ssl
Accept and install the certificate
Go to Settings/About/Trust certificates and trust the charles certificate.
I have to do this on 3 simulator instances, as XCUI automation testing can spin 3.
It works for me after go to safari (simulator) and visit the URL:
chls.pro/ssl
Before I had to Install charles root certificate in iOS simulators (Charles: help/SSLproxying)
regards