[GH-ISSUE #914] Proxyman generates certs longer than 398 days; unsupported as of Sept 2020 #908

New issue

Open

opened 2026-03-03 19:22:54 +03:00 by kerem · 4 comments

kerem commented 2026-03-03 19:22:54 +03:00

Owner

Copy link

Originally created by @ianbby on GitHub (Jun 22, 2021).
Original GitHub issue: https://github.com/ProxymanApp/Proxyman/issues/914

Originally assigned to: @NghiaTranUIT on GitHub.

Proxyman version? (Ex. Proxyman 1.4.3)

2.27.0 (22700)

macOS Version? (Ex. mac 10.14)

10.15

Steps to reproduce

Install certificate into system store on Android (requires root)

Expected behavior

Certificate works for all apps; instead, no connectivity is allowed due to too-long cert validity.

Screenshots (optional)

Hey team. I'm seeing trouble with the certificates that Proxyman generates on the fly with my Android device. Even with a custom root cert that has a validity < 1 year, Proxyman is generating certs with a two year validity. Certs that expire that far in the future are no longer supported as of Sept 2020:

• https://www.globalsign.com/en/blog/maximum-ssltls-certificate-validity-now-one-year
• https://www.ssls.com/blog/apples-new-ssl-lifetime-limitation-and-what-it-means-for-you/
• https://chromium.googlesource.com/chromium/src/+/ae4d6809912f8171b23f6aa43c6a4e8e627de784

Can we update Proxyman to generate on the fly certs with an expiration under the new 398 day mark?

Cheers

Originally created by @ianbby on GitHub (Jun 22, 2021). Original GitHub issue: https://github.com/ProxymanApp/Proxyman/issues/914 Originally assigned to: @NghiaTranUIT on GitHub. ### Proxyman version? (Ex. Proxyman 1.4.3) 2.27.0 (22700) ### macOS Version? (Ex. mac 10.14) 10.15 ### Steps to reproduce Install certificate into system store on Android (requires root) ### Expected behavior Certificate works for all apps; instead, no connectivity is allowed due to too-long cert validity. ### Screenshots (optional)  Hey team. I'm seeing trouble with the certificates that Proxyman generates on the fly with my Android device. Even with a custom root cert that has a validity < 1 year, Proxyman is generating certs with a two year validity. Certs that expire that far in the future are no longer supported as of Sept 2020: - https://www.globalsign.com/en/blog/maximum-ssltls-certificate-validity-now-one-year - https://www.ssls.com/blog/apples-new-ssl-lifetime-limitation-and-what-it-means-for-you/ - https://chromium.googlesource.com/chromium/src/+/ae4d6809912f8171b23f6aa43c6a4e8e627de784 Can we update Proxyman to generate on the fly certs with an expiration under the new 398 day mark? Cheers

kerem added the

enhancement

✅ Done

labels 2026-03-03 19:22:54 +03:00

kerem commented 2026-03-03 19:22:55 +03:00

Author

Owner

Copy link

@NghiaTranUIT commented on GitHub (Jun 22, 2021):

Thanks for the detailed report. Our team will check it out and sent you a Beta build this week 😊

<!-- gh-comment-id:866184370 --> @NghiaTranUIT commented on GitHub (Jun 22, 2021): Thanks for the detailed report. Our team will check it out and sent you a Beta build this week 😊

kerem commented 2026-03-03 19:22:55 +03:00

Author

Owner

Copy link

@NghiaTranUIT commented on GitHub (Jun 23, 2021):

Hey @ianbby please check out this beta build: https://proxyman.s3.us-east-2.amazonaws.com/beta/Proxyman_2.28.0_Validity_397_Days.dmg

• Proxyman will generate a leaf certificate with 397 validity days.
• I suppose that it's not required for Proxyman Root Certificate, so it's 2 years by default.

Please let me know if it works for you 🌮

<!-- gh-comment-id:866466344 --> @NghiaTranUIT commented on GitHub (Jun 23, 2021): Hey @ianbby please check out this beta build: https://proxyman.s3.us-east-2.amazonaws.com/beta/Proxyman_2.28.0_Validity_397_Days.dmg - Proxyman will generate a leaf certificate with 397 validity days. - I suppose that it's not required for Proxyman Root Certificate, so it's 2 years by default. <img width="555" alt="Screen Shot 2021-06-23 at 08 52 59" src="https://user-images.githubusercontent.com/5878421/123023926-7ac9ca00-d402-11eb-8cfc-3e992732129f.png"> Please let me know if it works for you 🌮

kerem commented 2026-03-03 19:22:55 +03:00

Author

Owner

Copy link

@ianbby commented on GitHub (Jun 23, 2021):

Hey Nghia! That was some wicked fast turn around, thank you! I gave the new build a go and can confirm that immediately had me sorted! Works perfectly with the new validity:

I didn't change or customize anything, just installed the new build, installed & trusted the certificate on my Mac & on the Android device, and I was set!

<!-- gh-comment-id:866734180 --> @ianbby commented on GitHub (Jun 23, 2021): Hey Nghia! That was some wicked fast turn around, thank you! I gave the new build a go and can confirm that immediately had me sorted! Works perfectly with the new validity:   I didn't change or customize anything, just installed the new build, installed & trusted the certificate on my Mac & on the Android device, and I was set!

kerem commented 2026-03-03 19:22:55 +03:00

Author

Owner

Copy link

@NghiaTranUIT commented on GitHub (Jun 24, 2021):

Glad to know it works 😄 🌮

<!-- gh-comment-id:867264536 --> @NghiaTranUIT commented on GitHub (Jun 24, 2021): Glad to know it works 😄 🌮

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

6.9.0

6.8.0

6.7.0

6.6.0

6.5.0

6.4.0

6.3.0

6.2.0

6.1.0

6.0.2

6.0.0

6.0.1

5.25.0

5.24.0

5.23.0

5.23.1

5.22.0

5.20.0

5.21.0

5.19.0

5.18.0

5.17.0

5.16.0

5.15.0

5.14.0

5.12.2

5.12.1

5.12.0

5.11.0

5.10.0

5.8.0

5.9.0

5.7.0

5.6.1

5.6.0

5.5.0

5.4.0

5.2.0

5.3.0

5.1.1

5.0.0

4.16.0

4.15.0

4.14.0

4.13.0

4.12.0

4.11.0

4.10.0

4.9.1

4.9.0

4.8.2

4.8.1

4.8.0

4.7.1

4.7.0

4.6.1

4.6.0

4.5.0

4.4.0

4.3.1

4.3.0

4.2.1

4.2.0

4.1.0

4.0.0

3.15.0

3.14.0

3.13.0

3.12.0

3.11.0

3.10.0

3.9.0

3.8.0

3.7.0

3.6.2

3.6.1

3.6.0

3.5.2

3.5.1

3.5.0

3.4.0

3.3.0

3.2.0

3.1.0

3.0.0

2.35.4

2.35.3

2.35.2

2.35.1

2.35.0

2.34.1

2.34.0

2.33.0

2.32.1

2.32.0

2.31.0

2.30.0

2.29.0

2.28.0

2.27.0

2.26.0

2.25.0

2.24.0

2.23.0

2.22.0

2.21.1

2.21.0

2.20.0

2.19.0

2.18.0

2.17.0

2.16.1

2.16.0

2.15.2

2.15.1

2.15.0

2.14.2

2.14.1

2.14.0

2.13.0

2.12.0

2.11.1

2.11.0

2.10.0

2.9.1

2.9.0

2.8.0

2.7.0

2.6.0

2.5.3

2.5.2

2.5.1

2.5.0

2.4.2

2.4.1

2.4.0

2.3.0

2.2.0

2.1.1

2.1.0

2.0.1

2.0.0

1.24.0

1.23.0

1.22.0

1.21.0

1.20.0

1.19.0

1.18.1

1.18.0

1.17.1

1.17.0

1.16.0

1.15.0

1.14.1

1.14.0

1.13.1

1.13.0

1.12.0

1.11.0

1.10.0

1.9.3

1.9.2

1.9.1

1.9.0

1.8.0

1.7.2

1.7.1

1.7.0

1.6.2

1.6.1

1.6.0

1.5.1

1.5.0

1.4.7

1.4.6

1.4.5.1

1.4.5

1.4.4.1

1.4.4

1.4.3

1.4.2

1.4.1.1

1.4.1

1.4

1.3.9

1.3.8

1.3.7

1.3.6

1.3.5

1.3.4.3

1.3.4.2

1.3.4.1

1.3.4

1.3.3

1.3.2

1.3.1

1.3

1.2

1.1.2

1.1.1

1.1

1.0.3

1.0.2

1.0

0.8.1

0.8

0.7

0.6

0.5.1

0.5

v0.4.1

Labels

Clear labels   

Discussion

  

Feature request

  

In Progress...

  

Plugins

  

Waiting response

  

Windows

  

Windows

  

bug

  

duplicate

  

enhancement

  

feature

  

good first issue

  

iOS

  

macOS 10.11

  

question

  

wontfix

  

✅ Done

No labels

Discussion

Feature request

In Progress...

Plugins

Waiting response

Windows

Windows

bug

duplicate

enhancement

feature

good first issue

iOS

macOS 10.11

question

wontfix

✅ Done

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/Proxyman#908

No description provided.