1. Save a SSL certificate from Charles
Launch Charles
Go to Help > SSL Proxying > Save Charles Root Certificate
.
Then save it as format Base 64 encoded certificate (.pem)
2. Convert it to a format that Androids can use
Get the hash value of this certificate, rename the file according to this hash value and export the PEM information into the bottom of this new file.
FILE=$(openssl x509 -inform PEM -subject_hash_old -in charles-ssl-proxying-certificate.pem | head - 1 ). 0 cat charles-ssl-proxying-certificate.pem > $FILE openssl x509 -inform PEM -text -in charles-ssl-proxying-certificate.pem -out /dev/ null >> $FILE echo converted file as $FILE |
If system cannot recognise -subject_hash_old, use -subject_hash instead
FILE=$(openssl x509 -inform PEM -subject_hash -in charles-ssl-proxying-certificate.pem | head - 1 ). 0 cat charles-ssl-proxying-certificate.pem > $FILE openssl x509 -inform PEM -text -in charles-ssl-proxying-certificate.pem -out /dev/ null >> $FILE echo converted file as $FILE |
after running, your terminal should show the converted file name. i.e.
converted file as c56066ed. 0 |
3. Make sure your device is rooted
this step depends on your device. please google “root YOUR Modle"
4. Copy converted certificate to device storage
Assuming the converted file is c56066ed.0
adb push c56066ed. 0 /data/local/tmp/ adb shell |
5. Copy the certificate to system
mount -o rw,remount /system cp /sdcard/c56066ed. 0 /system/etc/security/cacerts/ chmod 644 /system/etc/security/cacerts/c56066ed. 0 |
6. Reboot
Reboot should make the new certificate work. If you are still in adb shell
, you can run:
reboot |
7. Enable SSL Proxy in Charles
Proxy → SSL Proxy Settings → SSL Proxy tab → Add Host:* Port:*
Online Reference
https://jamie.holdings/2016/09/04/Installing-a-new-trusted-SSL-root-certificate-on-Android.html