[GH-ISSUE #229] kCFStreamErrorDomainSSL error -9806 #224

New issue

Closed

opened 2026-03-03 19:16:23 +03:00 by kerem · 4 comments

kerem commented 2026-03-03 19:16:23 +03:00

Owner

Copy link

Originally created by @tuckerconnelly on GitHub (Jul 26, 2019).
Original GitHub issue: https://github.com/ProxymanApp/Proxyman/issues/229

Proxyman version? (Ex. Proxyman 1.4.3)

1.4.6

macOS Version? (Ex. mac 10.14)

10.14.3

Steps to reproduce

Set up iOS proxy and try to inspect requests from UberEats app

Expected behavior

Be able to see the JSON

Screenshots (optional)

Originally created by @tuckerconnelly on GitHub (Jul 26, 2019). Original GitHub issue: https://github.com/ProxymanApp/Proxyman/issues/229 ### Proxyman version? (Ex. Proxyman 1.4.3) 1.4.6 ### macOS Version? (Ex. mac 10.14) 10.14.3 ### Steps to reproduce Set up iOS proxy and try to inspect requests from UberEats app ### Expected behavior Be able to see the JSON ### Screenshots (optional) <img width="1218" alt="Screen Shot 2019-07-25 at 6 21 36 PM" src="https://user-images.githubusercontent.com/4349082/61919135-1269c980-af09-11e9-8812-2e9878c8efea.png">

kerem 2026-03-03 19:16:23 +03:00

• closed this issue
• added the
  ✅ Done
  label

kerem commented 2026-03-03 19:16:24 +03:00

Author

Owner

Copy link

@tuckerconnelly commented on GitHub (Jul 26, 2019):

Looks like there are a few potential solutions in here: https://stackoverflow.com/questions/30791361/nsurlsession-http-load-failed-kcfstreamerrordomainssl-9813-self-signing-cer

<!-- gh-comment-id:515274119 --> @tuckerconnelly commented on GitHub (Jul 26, 2019): Looks like there are a few potential solutions in here: https://stackoverflow.com/questions/30791361/nsurlsession-http-load-failed-kcfstreamerrordomainssl-9813-self-signing-cer

kerem commented 2026-03-03 19:16:24 +03:00

Author

Owner

Copy link

@NghiaTranUIT commented on GitHub (Jul 26, 2019):

Hey @tuckerconnelly, the reason why Proxyman couldn't see the content of Uber's APIs because it's protected by SSL-Pining mechanism, which is deliberately designed to prevent MitM apps like Proxyman, Fiddler, ...

Technically, UberEat only trusts all requests, which are signed by their own certificate. So Proxyman's Certificate doesn't fulfill them => Error 9806.

Your suggestion only works with iOS app, since it's sandbox and one of security requirements, but it's not for Proxyman (not sandbox app), and the problem is different 😄

Here some apps I know so far that support SSL-pining:

1. Well-known app: Facebook, Uber, Grab, Twitter, ...
2. Google Analytic on mobile: e.crashlytics.com
3. Banking and e-commerce apps too.

Let me know if you need further help 👍

P/S: If you're developer at UberEat, you can manually disable the SSL-Pining or trust Proxyman CA in DEV build.

<!-- gh-comment-id:515285933 --> @NghiaTranUIT commented on GitHub (Jul 26, 2019): Hey @tuckerconnelly, the reason why Proxyman couldn't see the content of Uber's APIs because it's protected by SSL-Pining mechanism, which is **deliberately** designed to prevent MitM apps like Proxyman, Fiddler, ... Technically, UberEat only trusts all requests, which are signed by their own certificate. So Proxyman's Certificate doesn't fulfill them => Error 9806. Your suggestion only works with iOS app, since it's sandbox and one of security requirements, but it's not for Proxyman (not sandbox app), and the problem is different 😄 Here some apps I know so far that support SSL-pining: 1. Well-known app: Facebook, Uber, Grab, Twitter, ... 2. Google Analytic on mobile: `e.crashlytics.com` 3. Banking and e-commerce apps too. Let me know if you need further help 👍 P/S: If you're developer at UberEat, you can manually disable the SSL-Pining or trust Proxyman CA in DEV build.

kerem commented 2026-03-03 19:16:24 +03:00

Author

Owner

Copy link

@tuckerconnelly commented on GitHub (Jul 29, 2019):

Hey @NghiaTranUIT just want to thank you for the super thorough response. If I could tip you a few (or sponsor this project on GitHub) I would. I'd buy Proxyman, but the utility of it is limited for my use case given the SSL pinning defense. Good luck, your hard work is inspiring :)

<!-- gh-comment-id:516082972 --> @tuckerconnelly commented on GitHub (Jul 29, 2019): Hey @NghiaTranUIT just want to thank you for the super thorough response. If I could tip you a few $$ (or sponsor this project on GitHub) I would. I'd buy Proxyman, but the utility of it is limited for my use case given the SSL pinning defense. Good luck, your hard work is inspiring :)

kerem commented 2026-03-03 19:16:24 +03:00

Author

Owner

Copy link

@NghiaTranUIT commented on GitHub (Jul 30, 2019):

Hey, Thank for kind words. Don't worry about the , if you like Proxyman, you can spread it out to your friends or workmates or tweet 🐦and tags us @proxyman_app. The best sponsor is word of mouth 😄

Thank you so much 🎉

<!-- gh-comment-id:516235035 --> @NghiaTranUIT commented on GitHub (Jul 30, 2019): Hey, Thank for kind words. Don't worry about the $$, if you like Proxyman, you can spread it out to your friends or workmates or tweet 🐦and tags us `@proxyman_app`. The best sponsor is word of mouth 😄 Thank you so much 🎉

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

6.9.0

6.8.0

6.7.0

6.6.0

6.5.0

6.4.0

6.3.0

6.2.0

6.1.0

6.0.2

6.0.0

6.0.1

5.25.0

5.24.0

5.23.0

5.23.1

5.22.0

5.20.0

5.21.0

5.19.0

5.18.0

5.17.0

5.16.0

5.15.0

5.14.0

5.12.2

5.12.1

5.12.0

5.11.0

5.10.0

5.8.0

5.9.0

5.7.0

5.6.1

5.6.0

5.5.0

5.4.0

5.2.0

5.3.0

5.1.1

5.0.0

4.16.0

4.15.0

4.14.0

4.13.0

4.12.0

4.11.0

4.10.0

4.9.1

4.9.0

4.8.2

4.8.1

4.8.0

4.7.1

4.7.0

4.6.1

4.6.0

4.5.0

4.4.0

4.3.1

4.3.0

4.2.1

4.2.0

4.1.0

4.0.0

3.15.0

3.14.0

3.13.0

3.12.0

3.11.0

3.10.0

3.9.0

3.8.0

3.7.0

3.6.2

3.6.1

3.6.0

3.5.2

3.5.1

3.5.0

3.4.0

3.3.0

3.2.0

3.1.0

3.0.0

2.35.4

2.35.3

2.35.2

2.35.1

2.35.0

2.34.1

2.34.0

2.33.0

2.32.1

2.32.0

2.31.0

2.30.0

2.29.0

2.28.0

2.27.0

2.26.0

2.25.0

2.24.0

2.23.0

2.22.0

2.21.1

2.21.0

2.20.0

2.19.0

2.18.0

2.17.0

2.16.1

2.16.0

2.15.2

2.15.1

2.15.0

2.14.2

2.14.1

2.14.0

2.13.0

2.12.0

2.11.1

2.11.0

2.10.0

2.9.1

2.9.0

2.8.0

2.7.0

2.6.0

2.5.3

2.5.2

2.5.1

2.5.0

2.4.2

2.4.1

2.4.0

2.3.0

2.2.0

2.1.1

2.1.0

2.0.1

2.0.0

1.24.0

1.23.0

1.22.0

1.21.0

1.20.0

1.19.0

1.18.1

1.18.0

1.17.1

1.17.0

1.16.0

1.15.0

1.14.1

1.14.0

1.13.1

1.13.0

1.12.0

1.11.0

1.10.0

1.9.3

1.9.2

1.9.1

1.9.0

1.8.0

1.7.2

1.7.1

1.7.0

1.6.2

1.6.1

1.6.0

1.5.1

1.5.0

1.4.7

1.4.6

1.4.5.1

1.4.5

1.4.4.1

1.4.4

1.4.3

1.4.2

1.4.1.1

1.4.1

1.4

1.3.9

1.3.8

1.3.7

1.3.6

1.3.5

1.3.4.3

1.3.4.2

1.3.4.1

1.3.4

1.3.3

1.3.2

1.3.1

1.3

1.2

1.1.2

1.1.1

1.1

1.0.3

1.0.2

1.0

0.8.1

0.8

0.7

0.6

0.5.1

0.5

v0.4.1

Labels

Clear labels   

Discussion

  

Feature request

  

In Progress...

  

Plugins

  

Waiting response

  

Windows

  

Windows

  

bug

  

duplicate

  

enhancement

  

feature

  

good first issue

  

iOS

  

macOS 10.11

  

question

  

wontfix

  

✅ Done

No labels

Discussion

Feature request

In Progress...

Plugins

Waiting response

Windows

Windows

bug

duplicate

enhancement

feature

good first issue

iOS

macOS 10.11

question

wontfix

✅ Done

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/Proxyman#224

No description provided.