Charles proxy fails on SSL Connect Method

Question

I have Android 4.3 forced to use Charles proxy via IPTABLES. The charles certificate is installed on the phone. I am able to capture normal SSL traffic like https websites in the browser. All POST and GET methods seem to work fine. In a particular app, it fails when using the SSL CONNECT method.

• URL: https://XX.XX.XXX.XXX/
• Status: Failed
• Failure: SSLHandshake: Received fatal alert: unknown_ca
• Response Code: - Protocol: HTTP/1.0
• Method: CONNECT

Answer 1

From iOS 10.3 you also need to go to Settings > General > About > Certificate Trust Settings and trust Charles certificate.

Answer 2

You can face with this problem at some applications like Facebook or Instagram. Charles certificate doesn't work at some new apps because they are using a technique named as SSL-PINNING. First of all you have to break ssl-pinning system of application or you can instal old version of application then it sometimes works but we need a new solution about ssl pinning in order to record traffic for this kind of applications.

Answer 3

as @Berkay Yıldız says, it probably using ssl/certificate pinning.

how to fix/avoid/disable ssl pinning?

the whole logic is:

LEVEL 1: for normal http： core logic：

• PC：Mac/Windows
  • Charles set http proxy
  • set port
• app use Charles proxy
  • inside Wifi, set
    • host IP
    • port

Note： computer side, MUST use wired network, NOT wireless, otherwise mobile side network not usable

LEVEL 2: for encrypted https：

• PC
  • install Charles root certificate
    • Mac：use Key Chain to trust Charles Root CA
  • Charles
    • Enable SSL Proxying
      • set location filter for your specific api address
• phone
  • app
    • install Charles Root CA
      • Note: type should select: VPN and Application
        • NOT select：WLAN
      • makesure certificate install successfully
        • Trusted Credentials -> User, can see installed Charles certificate

LEVEL 3: for SPECIAL https which using ssl pinning:

• Phone：
  • make sure root or jailbreak
    • Android：has rooted
      • for later to install tool: Xposed
    • iOS：has jail break
      • for later to install tool: Cydia
  • then install plugin/tool, capable of avoid/disable ssl pinning
    • Android：
      • JustTrustMe (based on Xposed)
      • Android-SSL-TrustKiller (Cydia Substrate)
    • iOS：
      • SSL Kill Switch 2 (based on Cydia)
        • old version：iOS SSL Kill Switch (based on Cydia)

---

more detailed summary please refer my post (written in Chinese): 1 and 2

Answer 4

Some folks my end up here with android N Devices that won't do SSL over charles even after installing the cert - now on http://chls.pro/ssl

In N - you need to also add an xml file and security config. This post goes into more details: How to get charles proxy work with Android 7 nougat?

Answer 5

I have met the same problem. And after installing the latest certificate, it is solved.