starred/Proxyman
1
0
Fork 0
mirror of https://github.com/ProxymanApp/Proxyman.git synced 2026-04-26 16:45:57 +03:00
Code Issues 1.2k Projects Releases 5 Packages Wiki Activity

[GH-ISSUE #386] Client SSL Handshake Failed (code=-9806) #383

New issue
Open
opened 2026-03-03 19:18:04 +03:00 by kerem · 20 comments
kerem commented 2026-03-03 19:18:04 +03:00
Owner
Copy link

Originally created by @yauheniprakapenka on GitHub (Jan 27, 2020).
Original GitHub issue: https://github.com/ProxymanApp/Proxyman/issues/386

Originally assigned to: @NghiaTranUIT on GitHub.

Proxyman 1.15.0
macOS 10.15.2
Xcode 11.3.1

Steps to reproduce

  1. Open Xcode playground
  2. Run session.dataTask in the playground
  3. In Proxyman click "Enable all domains from..."

Result

Video:
https://drive.google.com/open?id=1goIvL7XHo4FTo7QNzN_fWxgaOdemWLlF

Screenshots
Screenshot 2020-01-27 at 21 30 24

Expected

Display response with json

If this is the correct behavior, then how to fix this error manually?

Originally created by @yauheniprakapenka on GitHub (Jan 27, 2020). Original GitHub issue: https://github.com/ProxymanApp/Proxyman/issues/386 Originally assigned to: @NghiaTranUIT on GitHub. Proxyman 1.15.0 macOS 10.15.2 Xcode 11.3.1 ### Steps to reproduce 1) Open Xcode playground 2) Run session.dataTask in the playground 3) In Proxyman click "Enable all domains from..." ### Result Video: https://drive.google.com/open?id=1goIvL7XHo4FTo7QNzN_fWxgaOdemWLlF Screenshots ![Screenshot 2020-01-27 at 21 30 24](https://user-images.githubusercontent.com/47568606/73202776-d1b76b00-414c-11ea-988c-bf9c91b6ad36.png) ### Expected Display response with json If this is the correct behavior, then how to fix this error manually?
kerem commented 2026-03-03 19:18:05 +03:00
Author
Owner
Copy link

@NghiaTranUIT commented on GitHub (Jan 28, 2020):

From your codebase, it's straightforward and it should work. Let me investigate it 👍

<!-- gh-comment-id:579043490 --> @NghiaTranUIT commented on GitHub (Jan 28, 2020): From your codebase, it's straightforward and it should work. Let me investigate it 👍
kerem commented 2026-03-03 19:18:05 +03:00
Author
Owner
Copy link

@NghiaTranUIT commented on GitHub (Jan 28, 2020):

@yauheniprakapenka I tested on my machine and it works (Same code)

Screen Shot 2020-01-28 at 09 27 37

Look like your Proxyman CA was generated from very build, which is not fulfill the new Certificate Requirement from Catalina and result in the SSH Handshake fail.

Please try to reset via Help Menu -> Advanced -> Reset all Data & Certificate. Then try again. It should work 👍

<!-- gh-comment-id:579051572 --> @NghiaTranUIT commented on GitHub (Jan 28, 2020): @yauheniprakapenka I tested on my machine and it works (Same code) <img width="1988" alt="Screen Shot 2020-01-28 at 09 27 37" src="https://user-images.githubusercontent.com/5878421/73230756-e0376e00-41b0-11ea-9953-ece7f8bf5c82.png"> Look like your Proxyman CA was generated from very build, which is not fulfill the new [Certificate Requirement from Catalina ](https://support.apple.com/en-us/HT210176) and result in the SSH Handshake fail. Please try to reset via Help Menu -> Advanced -> Reset all Data & Certificate. Then try again. It should work 👍
kerem commented 2026-03-03 19:18:05 +03:00
Author
Owner
Copy link

@NghiaTranUIT commented on GitHub (Jan 28, 2020):

Meanwhile, I will create a ticket to migrate old Certificate (if existed) to the new one 👍

<!-- gh-comment-id:579051667 --> @NghiaTranUIT commented on GitHub (Jan 28, 2020): Meanwhile, I will create a ticket to migrate old Certificate (if existed) to the new one 👍
kerem commented 2026-03-03 19:18:05 +03:00
Author
Owner
Copy link

@NghiaTranUIT commented on GitHub (Jan 28, 2020):

Quick question @yauheniprakapenka. Have you able to successfully see any HTTPS Response from other domain, such as Google.com from Google Chrome? 🤔

<!-- gh-comment-id:579063371 --> @NghiaTranUIT commented on GitHub (Jan 28, 2020): Quick question @yauheniprakapenka. Have you able to successfully see any HTTPS Response from other domain, such as Google.com from Google Chrome? 🤔
kerem commented 2026-03-03 19:18:05 +03:00
Author
Owner
Copy link

@yauheniprakapenka commented on GitHub (Jan 28, 2020):

I have not found "Reset all Data & Certificate"

I tried:

  1. Menu - Certificate - Reset all proxyman certificate
  2. Menu - Tools - Clear all cache
  3. Menu - Proxyman - Preference - Advanced - Install proxyman helper tool
  4. Restart MacBook
    Result: Anyway error 9806

But Safari requests work: https://drive.google.com/open?id=11qR9eVqePqBYtOtA0pamiNp-aMhwab1_

Off-topic:
My colleagues and I are asking you to make it possible to save the sorting settings after each Proxyman run. It is very convenient to see new time queries at the top of the list.
Screenshot 2020-01-28 at 09 20 32

At this moment need to reconfigure sorting after each start.

<!-- gh-comment-id:579099848 --> @yauheniprakapenka commented on GitHub (Jan 28, 2020): I have not found "Reset all Data & Certificate" **I tried:** 1. Menu - Certificate - Reset all proxyman certificate 2. Menu - Tools - Clear all cache 3. Menu - Proxyman - Preference - Advanced - Install proxyman helper tool 4. Restart MacBook **Result**: Anyway error 9806 But Safari requests work: https://drive.google.com/open?id=11qR9eVqePqBYtOtA0pamiNp-aMhwab1_ **Off-topic:** My colleagues and I are asking you to make it possible to save the sorting settings after each Proxyman run. It is very convenient to see new time queries at the top of the list. <img width="426" alt="Screenshot 2020-01-28 at 09 20 32" src="https://user-images.githubusercontent.com/47568606/73240391-e4af5700-41af-11ea-9e9c-5c2f8faaefcc.png"> At this moment need to reconfigure sorting after each start.
kerem commented 2026-03-03 19:18:05 +03:00
Author
Owner
Copy link

@NghiaTranUIT commented on GitHub (Jan 28, 2020):

It's possible to persist the previous state of sorting. I will work on it 👍

"Reset all Data & Certificate" is in Help

Screen Shot 2020-01-28 at 13 35 47

Can you double check the Google Drive link? I couldn't access it @yauheniprakapenka

<!-- gh-comment-id:579102106 --> @NghiaTranUIT commented on GitHub (Jan 28, 2020): It's possible to persist the previous state of sorting. I will work on it 👍 ------------- "Reset all Data & Certificate" is in Help <img width="858" alt="Screen Shot 2020-01-28 at 13 35 47" src="https://user-images.githubusercontent.com/5878421/73240959-243b6a80-41d3-11ea-99b7-364dc1748e55.png"> Can you double check the Google Drive link? I couldn't access it @yauheniprakapenka
kerem commented 2026-03-03 19:18:05 +03:00
Author
Owner
Copy link

@yauheniprakapenka commented on GitHub (Jan 28, 2020):

  1. Reopened the link
    https://drive.google.com/file/d/11qR9eVqePqBYtOtA0pamiNp-aMhwab1_/view?usp=sharing

  2. Poorly visible place of this setting :)
    I did: Help -> Advances -> Reset all data. Unfortunately, this did not help. Still a mistake 9806 :(

<!-- gh-comment-id:579324407 --> @yauheniprakapenka commented on GitHub (Jan 28, 2020): 1. Reopened the link https://drive.google.com/file/d/11qR9eVqePqBYtOtA0pamiNp-aMhwab1_/view?usp=sharing 2. Poorly visible place of this setting :) I did: Help -> Advances -> Reset all data. Unfortunately, this did not help. Still a mistake 9806 :(
kerem commented 2026-03-03 19:18:05 +03:00
Author
Owner
Copy link

@NghiaTranUIT commented on GitHub (Jan 28, 2020):

Thank for the video @yauheniprakapenka . So far, from what I see, you're able to see another HTTPS response (google.com). It means that the Certificate is configed properly.

Regarding your bug, I'm able to reproduce it 🎉

Basically, if we run Swift Playaround on iOS mode -> There is a bug that I'm not aware, which cause the SSL Handshake fail. I assume that iOS Playground is running via a hidden iOS Simulator (I see a lot of requests from iOS Simulator in Proxyman), which doesn't installed Proxyman Certificate yet.

To workaround, I suggest

  • Switch to macOS Playground mode
    Screen_Shot_2020-01-28_at_23_33_11

Result
Screen Shot 2020-01-28 at 23 33 04

  • Or Test your code in iOS app with proper iOS Simulator.
<!-- gh-comment-id:579340083 --> @NghiaTranUIT commented on GitHub (Jan 28, 2020): Thank for the video @yauheniprakapenka . So far, from what I see, you're able to see another HTTPS response (google.com). It means that the Certificate is configed properly. Regarding your bug, I'm able to reproduce it 🎉 Basically, if we run Swift Playaround on iOS mode -> There is a bug that I'm not aware, which cause the SSL Handshake fail. I assume that iOS Playground is running via a hidden iOS Simulator (I see a lot of requests from iOS Simulator in Proxyman), which doesn't installed Proxyman Certificate yet. ---------------- To workaround, I suggest - Switch to macOS Playground mode <img width="2032" alt="Screen_Shot_2020-01-28_at_23_33_11" src="https://user-images.githubusercontent.com/5878421/73284293-eec06c80-4226-11ea-99c1-f926d6989d7c.png"> **Result** <img width="2032" alt="Screen Shot 2020-01-28 at 23 33 04" src="https://user-images.githubusercontent.com/5878421/73284340-01d33c80-4227-11ea-963f-eff770af84a2.png"> - Or Test your code in iOS app with proper iOS Simulator.
kerem commented 2026-03-03 19:18:06 +03:00
Author
Owner
Copy link

@NghiaTranUIT commented on GitHub (Jan 28, 2020):

Meanwhile, I will investigate the fail on iOS Playground 👍

<!-- gh-comment-id:579340217 --> @NghiaTranUIT commented on GitHub (Jan 28, 2020): Meanwhile, I will investigate the fail on iOS Playground 👍
kerem commented 2026-03-03 19:18:06 +03:00
Author
Owner
Copy link

@yauheniprakapenka commented on GitHub (Jan 28, 2020):

Switching helped! Now it works great :) I completely forgot that at one of the courses on iOS the speaker said to optimize this parameter, I changed it.

<!-- gh-comment-id:579349233 --> @yauheniprakapenka commented on GitHub (Jan 28, 2020): Switching helped! Now it works great :) I completely forgot that at one of the courses on iOS the speaker said to optimize this parameter, I changed it.
kerem commented 2026-03-03 19:18:06 +03:00
Author
Owner
Copy link

@NghiaTranUIT commented on GitHub (Jan 29, 2020):

Glad to hear that work for you 🌮 I'm fixing the bug on iOS Playground 👍

<!-- gh-comment-id:579608156 --> @NghiaTranUIT commented on GitHub (Jan 29, 2020): Glad to hear that work for you 🌮 I'm fixing the bug on iOS Playground 👍
kerem commented 2026-03-03 19:18:06 +03:00
Author
Owner
Copy link

@NghiaTranUIT commented on GitHub (Jan 31, 2020):

@yauheniprakapenka From what I investigated, there is no official way to do SSL Proxying on Swift Playground. It happens in other tools too.

There is a workaround at: https://gist.github.com/NghiaTranUIT/275c8da5068d506869a21bd16da27094

<!-- gh-comment-id:580554726 --> @NghiaTranUIT commented on GitHub (Jan 31, 2020): @yauheniprakapenka From what I investigated, there is no official way to do SSL Proxying on Swift Playground. It happens in other tools too. There is a workaround at: https://gist.github.com/NghiaTranUIT/275c8da5068d506869a21bd16da27094
kerem commented 2026-03-03 19:18:06 +03:00
Author
Owner
Copy link

@yauheniprakapenka commented on GitHub (Feb 2, 2020):

Many thanks! It works)

<!-- gh-comment-id:581111111 --> @yauheniprakapenka commented on GitHub (Feb 2, 2020): Many thanks! It works)
kerem commented 2026-03-03 19:18:06 +03:00
Author
Owner
Copy link

@yauheniprakapenka commented on GitHub (Aug 1, 2020):

Good evening.

Today I exchanged the old Xiaomi redmi 5 (Android 8) for the new Xiaomi Redme 9a (Android 10). An error is displayed when trying to view the content of requests

Version 2.3.0 (20300)

SSL Handshake Failed
handshakeFailed (NIOSSL.BoringSSLError.sslError ([Error: 268436502 error: 10000416: SSL routines: OPENSSL_internal: SSLV3_ALERT_CERTIFICATE_UNKNOWN]))

My application on old Xiaomi redmi 5 worked perfectly.

Settings in the app:

<base-config cleartextTrafficPermitted = "true">
    <trust-anchors>
        <certificates src = "system" />
    </trust-anchors>
</base-config>

<domain-config>
    <domain includeSubdomains = "true"> **url_link** </domain>
    <trust-anchors>
        <certificates src = "user" />
        <certificates src = "system" />
    </trust-anchors>
</domain-config>

Is it possible that the proxy cannot work with android 10?

<!-- gh-comment-id:667571204 --> @yauheniprakapenka commented on GitHub (Aug 1, 2020): Good evening. Today I exchanged the old Xiaomi redmi 5 (Android 8) for the new Xiaomi Redme 9a (Android 10). An error is displayed when trying to view the content of requests Version 2.3.0 (20300) SSL Handshake Failed handshakeFailed (NIOSSL.BoringSSLError.sslError ([Error: 268436502 error: 10000416: SSL routines: OPENSSL_internal: SSLV3_ALERT_CERTIFICATE_UNKNOWN])) My application on old Xiaomi redmi 5 worked perfectly. Settings in the app: <? xml version = "1.0" encoding = "utf-8"?> <network-security-config> <base-config cleartextTrafficPermitted = "true"> <trust-anchors> <certificates src = "system" /> </trust-anchors> </base-config> <domain-config> <domain includeSubdomains = "true"> **url_link** </domain> <trust-anchors> <certificates src = "user" /> <certificates src = "system" /> </trust-anchors> </domain-config> </network-security-config> Is it possible that the proxy cannot work with android 10?
kerem commented 2026-03-03 19:18:06 +03:00
Author
Owner
Copy link

@yauheniprakapenka commented on GitHub (Aug 1, 2020):

Its work for me

Xiaomi Redmi 9a (Android 10, MIUI 12.0.1)

  1. In the physical device Settings app> Wi-Fi> Select current Wi-Fi> Configure Proxy
    Proxy: manually
    Hostname: take from android guideline
    Port: take from android guideline
    Exceptions: empty
    IP Settings: DHCP
    Privacy: use the device's MAC address

Click save

  1. In the physical device in the browser, enter http://proxy.man/ssl
    Certificate name: proxyman
    Usage: VPN and Apps

Press ok

<!-- gh-comment-id:667584507 --> @yauheniprakapenka commented on GitHub (Aug 1, 2020): Its work for me _Xiaomi Redmi 9a (Android 10, MIUI 12.0.1)_ 1. In the physical device Settings app> Wi-Fi> Select current Wi-Fi> Configure Proxy Proxy: manually Hostname: take from android guideline Port: take from android guideline Exceptions: empty IP Settings: DHCP Privacy: use the device's MAC address Click save 2. In the physical device in the browser, enter http://proxy.man/ssl Certificate name: proxyman Usage: VPN and Apps Press ok
kerem commented 2026-03-03 19:18:06 +03:00
Author
Owner
Copy link

@NghiaTranUIT commented on GitHub (Aug 2, 2020):

Don't forget to install the Certificate on a new Android device 😄 Glad to know it works for you 🌮

<!-- gh-comment-id:667612815 --> @NghiaTranUIT commented on GitHub (Aug 2, 2020): Don't forget to install the Certificate on a new Android device 😄 Glad to know it works for you 🌮
kerem commented 2026-03-03 19:18:07 +03:00
Author
Owner
Copy link

@vvnsrzn commented on GitHub (Aug 26, 2022):

Hello,

How did you get rid of this?
I have the same issue as you, but I can't move towards.

  1. I installed and trusted my certificate
    Screen Shot 2022-08-26 at 1 03 15 PM

  2. I did the right proxy
    Screen Shot 2022-08-26 at 1 04 21 PM

  3. My cert is properly installed and issued by proxy.man/ssl
    Screen Shot 2022-08-26 at 1 08 40 PM

However, I'm still stuck 😞
Sans titre (1)

I restarted my devices, it doesn't help.

Do you have any idea/suggestion to share?
Any help is more than welcome!

<!-- gh-comment-id:1228368638 --> @vvnsrzn commented on GitHub (Aug 26, 2022): Hello, How did you get rid of this? I have the same issue as you, but I can't move towards. 1. I installed and trusted my certificate <img width="503" alt="Screen Shot 2022-08-26 at 1 03 15 PM" src="https://user-images.githubusercontent.com/9358572/186890150-66d49929-e2d5-42a4-bf9b-c69c5b107d79.png"> 2. I did the right proxy <img width="306" alt="Screen Shot 2022-08-26 at 1 04 21 PM" src="https://user-images.githubusercontent.com/9358572/186890315-4e16f5de-84d8-4897-becd-6a52e285692a.png"> 3. My cert is properly installed and issued by proxy.man/ssl <img width="395" alt="Screen Shot 2022-08-26 at 1 08 40 PM" src="https://user-images.githubusercontent.com/9358572/186891021-5d7a2651-17c7-4719-9697-69ec2fca5b4f.png"> However, I'm still stuck 😞 ![Sans titre (1)](https://user-images.githubusercontent.com/9358572/186891779-370b509d-e446-4243-8b20-3dfc474e9115.png) I restarted my devices, it doesn't help. Do you have any idea/suggestion to share? Any help is more than welcome!
kerem commented 2026-03-03 19:18:07 +03:00
Author
Owner
Copy link

@NghiaTranUIT commented on GitHub (Aug 26, 2022):

Hey @VivianSolide How about the 5th step in https://docs.proxyman.io/debug-devices/android-device ?

  • Add res/xml/network_security_config.xml
  • Add to AndroidManifest.xml
<!-- gh-comment-id:1228369733 --> @NghiaTranUIT commented on GitHub (Aug 26, 2022): Hey @VivianSolide How about the 5th step in https://docs.proxyman.io/debug-devices/android-device ? - Add res/xml/network_security_config.xml - Add to AndroidManifest.xml
kerem commented 2026-03-03 19:18:07 +03:00
Author
Owner
Copy link

@vvnsrzn commented on GitHub (Aug 26, 2022):

I'm running on Android 11.

I thought I could do without the 5th step 😕

Sorry for this misunderstanding!

<!-- gh-comment-id:1228372233 --> @vvnsrzn commented on GitHub (Aug 26, 2022): I'm running on Android 11. I thought I could do without the 5th step 😕 Sorry for this misunderstanding!
kerem commented 2026-03-03 19:18:07 +03:00
Author
Owner
Copy link

@NghiaTranUIT commented on GitHub (Aug 26, 2022):

Please note that the 5th step is required in order to intercept HTTPS traffic from Android devices.

<!-- gh-comment-id:1228372333 --> @NghiaTranUIT commented on GitHub (Aug 26, 2022): Please note that the 5th step is required in order to intercept HTTPS traffic from Android devices.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
6.9.0
6.8.0
6.7.0
6.6.0
6.5.0
6.4.0
6.3.0
6.2.0
6.1.0
6.0.2
6.0.0
6.0.1
5.25.0
5.24.0
5.23.0
5.23.1
5.22.0
5.20.0
5.21.0
5.19.0
5.18.0
5.17.0
5.16.0
5.15.0
5.14.0
5.12.2
5.12.1
5.12.0
5.11.0
5.10.0
5.8.0
5.9.0
5.7.0
5.6.1
5.6.0
5.5.0
5.4.0
5.2.0
5.3.0
5.1.1
5.0.0
4.16.0
4.15.0
4.14.0
4.13.0
4.12.0
4.11.0
4.10.0
4.9.1
4.9.0
4.8.2
4.8.1
4.8.0
4.7.1
4.7.0
4.6.1
4.6.0
4.5.0
4.4.0
4.3.1
4.3.0
4.2.1
4.2.0
4.1.0
4.0.0
3.15.0
3.14.0
3.13.0
3.12.0
3.11.0
3.10.0
3.9.0
3.8.0
3.7.0
3.6.2
3.6.1
3.6.0
3.5.2
3.5.1
3.5.0
3.4.0
3.3.0
3.2.0
3.1.0
3.0.0
2.35.4
2.35.3
2.35.2
2.35.1
2.35.0
2.34.1
2.34.0
2.33.0
2.32.1
2.32.0
2.31.0
2.30.0
2.29.0
2.28.0
2.27.0
2.26.0
2.25.0
2.24.0
2.23.0
2.22.0
2.21.1
2.21.0
2.20.0
2.19.0
2.18.0
2.17.0
2.16.1
2.16.0
2.15.2
2.15.1
2.15.0
2.14.2
2.14.1
2.14.0
2.13.0
2.12.0
2.11.1
2.11.0
2.10.0
2.9.1
2.9.0
2.8.0
2.7.0
2.6.0
2.5.3
2.5.2
2.5.1
2.5.0
2.4.2
2.4.1
2.4.0
2.3.0
2.2.0
2.1.1
2.1.0
2.0.1
2.0.0
1.24.0
1.23.0
1.22.0
1.21.0
1.20.0
1.19.0
1.18.1
1.18.0
1.17.1
1.17.0
1.16.0
1.15.0
1.14.1
1.14.0
1.13.1
1.13.0
1.12.0
1.11.0
1.10.0
1.9.3
1.9.2
1.9.1
1.9.0
1.8.0
1.7.2
1.7.1
1.7.0
1.6.2
1.6.1
1.6.0
1.5.1
1.5.0
1.4.7
1.4.6
1.4.5.1
1.4.5
1.4.4.1
1.4.4
1.4.3
1.4.2
1.4.1.1
1.4.1
1.4
1.3.9
1.3.8
1.3.7
1.3.6
1.3.5
1.3.4.3
1.3.4.2
1.3.4.1
1.3.4
1.3.3
1.3.2
1.3.1
1.3
1.2
1.1.2
1.1.1
1.1
1.0.3
1.0.2
1.0
0.8.1
0.8
0.7
0.6
0.5.1
0.5
v0.4.1
Labels
Clear labels   
Discussion

   
Feature request

   
In Progress...

   
Plugins

   
Waiting response

   
Windows

   
Windows

   
bug

   
duplicate

   
enhancement

   
feature

   
good first issue

   
iOS

   
macOS 10.11

   
question

   
wontfix

   
Done
No labels
Discussion
Feature request
In Progress...
Plugins
Waiting response
Windows
Windows
bug
duplicate
enhancement
feature
good first issue
iOS
macOS 10.11
question
wontfix
Done
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/Proxyman#383
No description provided.