starred/Proxyman
1
0
Fork 0
mirror of https://github.com/ProxymanApp/Proxyman.git synced 2026-04-27 00:55:57 +03:00
Code Issues 1.2k Projects Releases 5 Packages Wiki Activity

[GH-ISSUE #672] SSL Handshake Failed & enable all SSL requests for remote devices #668

New issue
Open
opened 2026-03-03 19:20:49 +03:00 by kerem · 7 comments
kerem commented 2026-03-03 19:20:49 +03:00
Owner
Copy link

Originally created by @rainb3rry on GitHub (Oct 29, 2020).
Original GitHub issue: https://github.com/ProxymanApp/Proxyman/issues/672

Originally assigned to: @NghiaTranUIT on GitHub.

Proxyman version? 2.10.0

macOS Version? 10.15.6

Steps to reproduce

I'm trying intercept https requests coming from my NoxPlayer android emulator, activated and truested ssl certificates on mac and emulator, added the proxy options to emulator.

I can see requests on Remote devices tab in Proxyman app, but i got SSL Handshake Failed error even though certificates installed on devices.
The error:

handshakeFailed(NIOSSL.BoringSSLError.sslError([Error: 268436498 error:10000412:SSL routines:OPENSSL_internal:SSLV3_ALERT_BAD_CERTIFICATE]))

Expected behavior

I just want to see and intercept all requests from my emulator smoothly.

BTW, is there any option to enable all ssl responses for emulator like in apps, I can see only Enable only this domain button, i would like to enable all domains for my emulator too.
image

Originally created by @rainb3rry on GitHub (Oct 29, 2020). Original GitHub issue: https://github.com/ProxymanApp/Proxyman/issues/672 Originally assigned to: @NghiaTranUIT on GitHub. ### Proxyman version? `2.10.0` ### macOS Version? `10.15.6` ### Steps to reproduce I'm trying intercept https requests coming from my NoxPlayer android emulator, activated and truested ssl certificates on mac and emulator, added the proxy options to emulator. I can see requests on `Remote devices` tab in Proxyman app, but i got `SSL Handshake Failed` error even though certificates installed on devices. The error: ``` handshakeFailed(NIOSSL.BoringSSLError.sslError([Error: 268436498 error:10000412:SSL routines:OPENSSL_internal:SSLV3_ALERT_BAD_CERTIFICATE])) ``` ### Expected behavior I just want to see and intercept all requests from my emulator smoothly. BTW, is there any option to enable all ssl responses for emulator like in apps, I can see only `Enable only this domain` button, i would like to enable all domains for my emulator too. ![image](https://user-images.githubusercontent.com/26173028/97517799-f45e0500-19a6-11eb-81cb-7745f10f75ac.png)
kerem commented 2026-03-03 19:20:50 +03:00
Author
Owner
Copy link

@NghiaTranUIT commented on GitHub (Oct 29, 2020):

Hi @rainb3rry,

It's the first time I hear "NoxPlayer android emulator". Maybe it requires extra steps to make it works.

Can you try Android Emulator from Android Studio? If you use it, you can run our built-in script (https://docs.proxyman.io/debug-devices/android-device/automatic-script-for-android-emulator) to do all tasks automatically (includes HTTP Proxy, Install, and Trust certificates).

Btw, can you share with us what Android version are you using? Because if it's Android 11+, you have to manually trust the Certificate in the system. Read more at: https://docs.proxyman.io/troubleshooting/my-ios-devices-couldnt-connect-to-proxyman-via-proxy#2-install-and-trust-proxyman-ca-for-android-with-api-30

Regarding the Enable from app in Android Emulator, it's technically impossible since we don't know where the traffic from if it's from the physical or emulator. It's possible on macOS because we can access to iptable.

<!-- gh-comment-id:718319616 --> @NghiaTranUIT commented on GitHub (Oct 29, 2020): Hi @rainb3rry, It's the first time I hear "NoxPlayer android emulator". Maybe it requires extra steps to make it works. Can you try Android Emulator from Android Studio? If you use it, you can run our built-in script (https://docs.proxyman.io/debug-devices/android-device/automatic-script-for-android-emulator) to do all tasks automatically (includes HTTP Proxy, Install, and Trust certificates). Btw, can you share with us what Android version are you using? Because if it's Android 11+, you have to manually trust the Certificate in the system. Read more at: https://docs.proxyman.io/troubleshooting/my-ios-devices-couldnt-connect-to-proxyman-via-proxy#2-install-and-trust-proxyman-ca-for-android-with-api-30 ------------- Regarding the Enable from app in Android Emulator, it's technically impossible since we don't know where the traffic from if it's from the physical or emulator. It's possible on macOS because we can access to iptable.
kerem commented 2026-03-03 19:20:50 +03:00
Author
Owner
Copy link

@NghiaTranUIT commented on GitHub (Oct 29, 2020):

There is one more scenario that your config in your project yet:

  • Add res/xml/network_security_config.xml
  • Add to AndroidManifest.xml
  • Make sure you replace your_production_domain with your real domains that you're going to intercept.

Please check out the Step 4 at https://docs.proxyman.io/debug-devices/android-device#android-setup-guide

<!-- gh-comment-id:718320241 --> @NghiaTranUIT commented on GitHub (Oct 29, 2020): There is one more scenario that your config in your project yet: - Add res/xml/network_security_config.xml - Add to AndroidManifest.xml - Make sure you replace your_production_domain with your real domains that you're going to intercept. Please check out the Step 4 at https://docs.proxyman.io/debug-devices/android-device#android-setup-guide
kerem commented 2026-03-03 19:20:50 +03:00
Author
Owner
Copy link

@rainb3rry commented on GitHub (Oct 29, 2020):

Hey @NghiaTranUIT thanks for quick response.

My android version is 7.1.2 and I want to say I'm not working on my own android app I'm trying to intercept some apps traffic like instagram and https websites on android browser but i cannot see the requests and responses smoothly on the Proxyman app.

I see CONNECT text on method column in requests row on remote device tab, i would like to see POST or GET requests instead of CONNECT and this requests have 999 error code.

I'm getting same issue likewise when I try to connect https://google.com (I enabled ssl for that domain) on android browser,
image

I can see post and get requests for mac apps perfectly but i cannot see for 192.168.2.112 remote device (Noxplayer emulator).

Btw, i see my mac name on certificate that installed android side, is that okay?
image

<!-- gh-comment-id:718333213 --> @rainb3rry commented on GitHub (Oct 29, 2020): Hey @NghiaTranUIT thanks for quick response. My android version is 7.1.2 and I want to say I'm not working on my own android app I'm trying to intercept some apps traffic like instagram and https websites on android browser but i cannot see the requests and responses smoothly on the Proxyman app. I see `CONNECT` text on method column in requests row on remote device tab, i would like to see `POST` or `GET` requests instead of `CONNECT` and this requests have 999 error code. I'm getting same issue likewise when I try to connect `https://google.com` (I enabled ssl for that domain) on android browser, ![image](https://user-images.githubusercontent.com/26173028/97521348-756cca80-19ae-11eb-915b-c13cde76ef0d.png) I can see post and get requests for mac apps perfectly but i cannot see for 192.168.2.112 remote device (Noxplayer emulator). Btw, i see my mac name on certificate that installed android side, is that okay? ![image](https://user-images.githubusercontent.com/26173028/97521109-e65fb280-19ad-11eb-9640-a21b5b1e7dae.png)
kerem commented 2026-03-03 19:20:50 +03:00
Author
Owner
Copy link

@NghiaTranUIT commented on GitHub (Oct 29, 2020):

So, if you're trying to intercept other apps (not the one you're own) from Android. It's impossible unfortunately (even though it's possible in iOS)

Because Android requires configurations in network_security_config.xml and AndroidManifest.xml in order to intercept the HTTPS Traffic.

Therefore, you see SSL Error. It's correct behavior

<!-- gh-comment-id:718336773 --> @NghiaTranUIT commented on GitHub (Oct 29, 2020): So, if you're trying to intercept other apps (not the one you're own) from Android. It's impossible unfortunately (even though it's possible in iOS) Because Android requires configurations in network_security_config.xml and AndroidManifest.xml in order to intercept the HTTPS Traffic. Therefore, you see SSL Error. It's correct behavior
kerem commented 2026-03-03 19:20:50 +03:00
Author
Owner
Copy link

@rainb3rry commented on GitHub (Oct 29, 2020):

Hmm, so i cannot intercept even in browser actions (ssl websites) on android? It's was doing that on Burp Suite.
So, can I do that and ios apps on external IOS device?

Thanks.

<!-- gh-comment-id:718340746 --> @rainb3rry commented on GitHub (Oct 29, 2020): Hmm, so i cannot intercept even in browser actions (ssl websites) on android? It's was doing that on Burp Suite. So, can I do that and ios apps on external IOS device? Thanks.
kerem commented 2026-03-03 19:20:51 +03:00
Author
Owner
Copy link

@rainb3rry commented on GitHub (Oct 29, 2020):

I tried on IOS now and it's worked on safari browser for ssl websites but I'm getting same error on instagram app, that's because of some development settings of the instagram app?
If so, how they intercept a mobile app API structure and write an unofficial API based the mobile app API (like https://github.com/dilame/instagram-private-api)

Edit: I tried on another app and it's worked beautifully, digressive but how can I see instagram app API do you know 😂 like above repository.

Thanks for your help.

<!-- gh-comment-id:718343595 --> @rainb3rry commented on GitHub (Oct 29, 2020): I tried on IOS now and it's worked on safari browser for ssl websites but I'm getting same error on instagram app, that's because of some development settings of the instagram app? If so, how they intercept a mobile app API structure and write an unofficial API based the mobile app API (like https://github.com/dilame/instagram-private-api) Edit: I tried on another app and it's worked beautifully, digressive but how can I see instagram app API do you know 😂 like above repository. Thanks for your help.
kerem commented 2026-03-03 19:20:51 +03:00
Author
Owner
Copy link

@NghiaTranUIT commented on GitHub (Oct 29, 2020):

Yay, famous iOS apps are already used SSL Pinning techniques to prevent man-in-the-middle app like Proxyman or Charles to intercept their https traffic. Therefore you couldn’t intercept it unless you are Instagram developers who have the company certificates.

You can by pass it by using a jailbreak iOS device or rooted Android device to force the app to trust Proxyman certificate. Thus, you can get HTTPs traffic 😁

<!-- gh-comment-id:718344909 --> @NghiaTranUIT commented on GitHub (Oct 29, 2020): Yay, famous iOS apps are already used SSL Pinning techniques to prevent man-in-the-middle app like Proxyman or Charles to intercept their https traffic. Therefore you couldn’t intercept it unless you are Instagram developers who have the company certificates. You can by pass it by using a jailbreak iOS device or rooted Android device to force the app to trust Proxyman certificate. Thus, you can get HTTPs traffic 😁
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
6.9.0
6.8.0
6.7.0
6.6.0
6.5.0
6.4.0
6.3.0
6.2.0
6.1.0
6.0.2
6.0.0
6.0.1
5.25.0
5.24.0
5.23.0
5.23.1
5.22.0
5.20.0
5.21.0
5.19.0
5.18.0
5.17.0
5.16.0
5.15.0
5.14.0
5.12.2
5.12.1
5.12.0
5.11.0
5.10.0
5.8.0
5.9.0
5.7.0
5.6.1
5.6.0
5.5.0
5.4.0
5.2.0
5.3.0
5.1.1
5.0.0
4.16.0
4.15.0
4.14.0
4.13.0
4.12.0
4.11.0
4.10.0
4.9.1
4.9.0
4.8.2
4.8.1
4.8.0
4.7.1
4.7.0
4.6.1
4.6.0
4.5.0
4.4.0
4.3.1
4.3.0
4.2.1
4.2.0
4.1.0
4.0.0
3.15.0
3.14.0
3.13.0
3.12.0
3.11.0
3.10.0
3.9.0
3.8.0
3.7.0
3.6.2
3.6.1
3.6.0
3.5.2
3.5.1
3.5.0
3.4.0
3.3.0
3.2.0
3.1.0
3.0.0
2.35.4
2.35.3
2.35.2
2.35.1
2.35.0
2.34.1
2.34.0
2.33.0
2.32.1
2.32.0
2.31.0
2.30.0
2.29.0
2.28.0
2.27.0
2.26.0
2.25.0
2.24.0
2.23.0
2.22.0
2.21.1
2.21.0
2.20.0
2.19.0
2.18.0
2.17.0
2.16.1
2.16.0
2.15.2
2.15.1
2.15.0
2.14.2
2.14.1
2.14.0
2.13.0
2.12.0
2.11.1
2.11.0
2.10.0
2.9.1
2.9.0
2.8.0
2.7.0
2.6.0
2.5.3
2.5.2
2.5.1
2.5.0
2.4.2
2.4.1
2.4.0
2.3.0
2.2.0
2.1.1
2.1.0
2.0.1
2.0.0
1.24.0
1.23.0
1.22.0
1.21.0
1.20.0
1.19.0
1.18.1
1.18.0
1.17.1
1.17.0
1.16.0
1.15.0
1.14.1
1.14.0
1.13.1
1.13.0
1.12.0
1.11.0
1.10.0
1.9.3
1.9.2
1.9.1
1.9.0
1.8.0
1.7.2
1.7.1
1.7.0
1.6.2
1.6.1
1.6.0
1.5.1
1.5.0
1.4.7
1.4.6
1.4.5.1
1.4.5
1.4.4.1
1.4.4
1.4.3
1.4.2
1.4.1.1
1.4.1
1.4
1.3.9
1.3.8
1.3.7
1.3.6
1.3.5
1.3.4.3
1.3.4.2
1.3.4.1
1.3.4
1.3.3
1.3.2
1.3.1
1.3
1.2
1.1.2
1.1.1
1.1
1.0.3
1.0.2
1.0
0.8.1
0.8
0.7
0.6
0.5.1
0.5
v0.4.1
Labels
Clear labels   
Discussion

   
Feature request

   
In Progress...

   
Plugins

   
Waiting response

   
Windows

   
Windows

   
bug

   
duplicate

   
enhancement

   
feature

   
good first issue

   
iOS

   
macOS 10.11

   
question

   
wontfix

   
Done
No labels
Discussion
Feature request
In Progress...
Plugins
Waiting response
Windows
Windows
bug
duplicate
enhancement
feature
good first issue
iOS
macOS 10.11
question
wontfix
Done
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/Proxyman#668
No description provided.