starred/Proxyman

Fork 0

mirror of https://github.com/ProxymanApp/Proxyman.git synced 2026-04-26 00:25:56 +03:00

etcetc #1443

New issue

Open

opened 2026-03-03 19:51:33 +03:00 by kerem · 11 comments

kerem commented

2026-03-03 19:51:33 +03:00

Owner

Originally created by @delboy1978uk on GitHub (Nov 28, 2022).
Original GitHub issue: https://github.com/ProxymanApp/Proxyman/issues/1450

Description

I'm trying to nset up an android device for development here, and my SSL handshake failed.

What I found interesting was that the error path does not exist on my machine!

/Users/nghiatran/Library/Developer/Xcode/DerivedData/NSProxy-chrjhjrygpkcrggquryyaaqcgvhz/SourcePackages/checkouts/swift-nio-ssl/Sources/CNIOBoringSSL/ssl/tls_record.cc:594

@NghiaTranUIT Is this just a display bug, or is something else going on?

Originally created by @delboy1978uk on GitHub (Nov 28, 2022). Original GitHub issue: https://github.com/ProxymanApp/Proxyman/issues/1450 ## Description I'm trying to nset up an android device for development here, and my SSL handshake failed. What I found interesting was that the error path does not exist on my machine! <img width="537" alt="image" src="https://user-images.githubusercontent.com/2684575/204259299-eadc4e57-9605-4e09-bc79-47ff36cf6ed1.png"> `/Users/nghiatran/Library/Developer/Xcode/DerivedData/NSProxy-chrjhjrygpkcrggquryyaaqcgvhz/SourcePackages/checkouts/swift-nio-ssl/Sources/CNIOBoringSSL/ssl/tls_record.cc:594` @NghiaTranUIT Is this just a display bug, or is something else going on?

kerem added the

question

label

2026-03-03 19:51:33 +03:00

kerem commented

2026-03-03 19:51:34 +03:00

Author

Owner

@NghiaTranUIT commented on GitHub (Nov 28, 2022):

@delboy1978uk It's odd 🤔

Just wondering: Have you installed & trusted the Certificate in your Android? You can find it in Certificate Menu -> Install for Android -> Physical Device / Emulator

Especially the 5th step in this Setup Guide: https://docs.proxyman.io/debug-devices/android-device

@NghiaTranUIT commented on GitHub (Nov 28, 2022): @delboy1978uk It's odd 🤔 Just wondering: Have you installed & trusted the Certificate in your Android? You can find it in Certificate Menu -> Install for Android -> Physical Device / Emulator Especially the 5th step in this Setup Guide: https://docs.proxyman.io/debug-devices/android-device

kerem commented

2026-03-03 19:51:34 +03:00

Author

Owner

@delboy1978uk commented on GitHub (Nov 28, 2022):

Yes I have installed and trusted the certificate. As for the last step, I am on a device which is only running Android 9, but the guide mentioned that the security config is for 10 and above, so I have not performed that step. I'm sure it's just the device (or myself) and not Proxyman, I just found it odd to see the error path coming from /Users/nghiatran/.... :-P

@delboy1978uk commented on GitHub (Nov 28, 2022): Yes I have installed and trusted the certificate. As for the last step, I am on a device which is only running Android 9, but the guide mentioned that the security config is for 10 and above, so I have not performed that step. I'm sure it's just the device (or myself) and not Proxyman, I just found it odd to see the error path coming from `/Users/nghiatran/....` :-P

kerem commented

2026-03-03 19:51:34 +03:00

Author

Owner

@NghiaTranUIT commented on GitHub (Nov 28, 2022):

I'm surprised too. It's from Swift NIO

Can you share with me which app you're trying to Intercept 🤔 ?

Please notes that if it's popular apps, such as FB, IG, or Play Store. The high chance that it's protected by SSL Pinning Mechanism.

@NghiaTranUIT commented on GitHub (Nov 28, 2022): I'm surprised too. It's from [Swift NIO](https://github.com/apple/swift-nio) Can you share with me which app you're trying to Intercept 🤔 ? Please notes that if it's popular apps, such as FB, IG, or Play Store. The high chance that it's protected by SSL Pinning Mechanism.

kerem commented

2026-03-03 19:51:34 +03:00

Author

Owner

@delboy1978uk commented on GitHub (Nov 28, 2022):

Oh, it's just a local server with a self signed SSL. I can access the domain fine via the devices browser, but when i try to deploy the actual android app that's when i get this. That's why I'm sure it isn't Proxyman causing my issues, again I was just drawing attention to your user path in my error:-)

@delboy1978uk commented on GitHub (Nov 28, 2022): Oh, it's just a local server with a self signed SSL. I can access the domain fine via the devices browser, but when i try to deploy the actual android app that's when i get this. That's why I'm sure it isn't Proxyman causing my issues, again I was just drawing attention to your user path in my error:-)

kerem commented

2026-03-03 19:51:35 +03:00

Author

Owner

@delboy1978uk commented on GitHub (Nov 28, 2022):

FYI, that last step also worked for Android 9. My app is working again!

@delboy1978uk commented on GitHub (Nov 28, 2022): FYI, that last step also worked for Android 9. My app is working again!

kerem commented

2026-03-03 19:51:35 +03:00

Author

Owner

@NghiaTranUIT commented on GitHub (Nov 29, 2022):

Thanks. I will investigate the error path.

If you have a HTTPS (self-signed) local server, to make it works with Proxyman, make sure your Local Server accepts Proxyman Certificate too.

@NghiaTranUIT commented on GitHub (Nov 29, 2022): Thanks. I will investigate the error path. If you have a HTTPS (self-signed) local server, to make it works with Proxyman, make sure your Local Server accepts Proxyman Certificate too.

kerem commented

2026-03-03 19:51:35 +03:00

Author

Owner

@delboy1978uk commented on GitHub (Nov 29, 2022):

@NghiaTranUIT I am using a docker compose LAMP stack and generate my cert in my Apache container here https://github.com/delboy1978uk/lamp/blob/master/build/httpd/Dockerfile#L9 Should I be adding the Proxyman Certificate in there too then?

@delboy1978uk commented on GitHub (Nov 29, 2022): @NghiaTranUIT I am using a docker compose LAMP stack and generate my cert in my Apache container here https://github.com/delboy1978uk/lamp/blob/master/build/httpd/Dockerfile#L9 Should I be adding the Proxyman Certificate in there too then?

kerem commented

2026-03-03 19:51:35 +03:00

Author

Owner

@ianbby commented on GitHub (Nov 30, 2022):

I am seeing this as well. I have Proxyman installed with the cert trusted on my Mac. I created a new Android emulator and used the Override button to configure it. That all seemed to go well, but when browsing in the emulator or firing up my local app, I get errors around Invalid Date/Time int he browser that show as Internal Errors in proxyman:

handshakeFailed(NIOSSL.BoringSSLError.sslError([Error: 268436502 error:10000416:SSL routines:OPENSSL_internal:SSLV3_ALERT_CERTIFICATE_UNKNOWN at /Users/nghiatran/Library/Developer/Xcode/DerivedData/NSProxy-dpnvjsvnoedgpgfkomhjjqznnjsa/SourcePackages/checkouts/swift-nio-ssl/Sources/CNIOBoringSSL/ssl/tls_record.cc:594]))

CleanShot 2022-11-30 at 09 45 44@2x

I have confirmed that my Mac and Android emulator dates are correct and that the certificate is present in the emulator as expected. I am able to access sites like Wikipedia without issue, but certain sites are erroring like yahoo in the screenshot above.

@ianbby commented on GitHub (Nov 30, 2022): I am seeing this as well. I have Proxyman installed with the cert trusted on my Mac. I created a new Android emulator and used the Override button to configure it. That all seemed to go well, but when browsing in the emulator or firing up my local app, I get errors around Invalid Date/Time int he browser that show as Internal Errors in proxyman: ``` handshakeFailed(NIOSSL.BoringSSLError.sslError([Error: 268436502 error:10000416:SSL routines:OPENSSL_internal:SSLV3_ALERT_CERTIFICATE_UNKNOWN at /Users/nghiatran/Library/Developer/Xcode/DerivedData/NSProxy-dpnvjsvnoedgpgfkomhjjqznnjsa/SourcePackages/checkouts/swift-nio-ssl/Sources/CNIOBoringSSL/ssl/tls_record.cc:594])) ``` ![CleanShot 2022-11-30 at 09 45 03@2x](https://user-images.githubusercontent.com/77275484/204843575-5827cef3-aaf0-40e7-aaaf-ce534c24a62e.png) <img width="1335" alt="CleanShot 2022-11-30 at 09 45 44@2x" src="https://user-images.githubusercontent.com/77275484/204843595-24a12bfd-ae8a-4d07-ab5f-4f9c3527cdde.png"> I have confirmed that my Mac and Android emulator dates are correct and that the certificate is present in the emulator as expected. I am able to access sites like Wikipedia without issue, but certain sites are erroring like yahoo in the screenshot above.

kerem commented

2026-03-03 19:51:35 +03:00

Author

Owner

@NghiaTranUIT commented on GitHub (Nov 30, 2022):

On Android, it's important to finish the step 5 in this Setup Guide: https://docs.proxyman.io/debug-devices/android-device

We have to add the domains to security_config.xml file in the source code.

Sine you visit yahoo.com from the WebBrowser, you haven't finished the step 5 yet. Thus, get SSL error.

@NghiaTranUIT commented on GitHub (Nov 30, 2022): On Android, it's important to finish the step 5 in this Setup Guide: https://docs.proxyman.io/debug-devices/android-device We have to add the domains to security_config.xml file in the source code. Sine you visit yahoo.com from the WebBrowser, you haven't finished the step 5 yet. Thus, get SSL error.

kerem commented

2026-03-03 19:51:35 +03:00

Author

Owner

@ianbby commented on GitHub (Nov 30, 2022):

Ah, fair play there! And looking beyond Chrome, the part of my app that hit the SSL error was throwing up a Chrome custom tab, which probably doesn't qualify for the network_security_config exclusions. Makes sense!

@ianbby commented on GitHub (Nov 30, 2022): Ah, fair play there! And looking beyond Chrome, the part of my app that hit the SSL error was throwing up a Chrome custom tab, which probably doesn't qualify for the network_security_config exclusions. Makes sense!

kerem commented

2026-03-03 19:51:35 +03:00

Author

Owner

@NghiaTranUIT commented on GitHub (Dec 1, 2022):

@ianbby yup, the security on Android devices/emulators is tricky. It doesn't allow you to freely intercept the HTTPS from other apps, unless you are a developer, install & trust the certificate, and add config to network_security_config.xml.

On the other hand, iOS device is easier. They just need to install & Trust the certificate. Then, you can intercept from any Web Browser on iOS devices.

@NghiaTranUIT commented on GitHub (Dec 1, 2022): @ianbby yup, the security on Android devices/emulators is tricky. It doesn't allow you to freely intercept the HTTPS from other apps, unless you are a developer, install & trust the certificate, and add config to `network_security_config.xml`. On the other hand, iOS device is easier. They just need to install & Trust the certificate. Then, you can intercept from any Web Browser on iOS devices.