Charles 使用 Android:与客户端的 SSL 握手失败:处理证书时发生未知问题 (certificate_unknown)

问题描述 投票:0回答:1

我的环境

  • Android 12 LG 天鹅绒

  • 查尔斯4.6.5

  • MacOS Ventura 13.6.3

  • 我的应用程序(我想查看这个应用程序与 charles 的 https 流量)

  • 我在手机中安装了查尔斯证书

  • 我配置了 charles ssl 代理

问题

我无法在

MyApp
中使用https(另外,除了浏览器之外的所有Android应用程序)

附注

我用浏览器(MS Edge for android)进行了测试。 我可以访问互联网。 我可以看到通过 Charles 的流量,它是 https。我可以使用浏览器,但所有其他应用程序都无法运行。 (youtube、play 商店不起作用)

问题

  • 只有浏览器可以正常工作。 (当我删除证书时,浏览器将无法使用https)如何让其他应用程序(youtube、play store和“MyApp”)使用Charles证书?
android https tls1.2 charles-proxy
1个回答
0
投票

我找到了缺失的部分!

https://www.charlesproxy.com/documentation/using-charles/ssl-certificates/

Android
As of Android N, you need to add configuration to your app in order to have it trust the SSL certificates generated by Charles SSL Proxying. This means that you can only use SSL Proxying with apps that you control.

In order to configure your app to trust Charles, you need to add a Network Security Configuration File to your app. This file can override the system default, enabling your app to trust user installed CA certificates (e.g. the Charles Root Certificate). You can specify that this only applies in debug builds of your application, so that production builds use the default trust profile.

Add a file res/xml/network_security_config.xml to your app:

<network-security-config> 
  <debug-overrides> 
    <trust-anchors> 
      <!-- Trust user added CAs while debuggable only -->
      <certificates src="user" /> 
    </trust-anchors> 
  </debug-overrides> 
</network-security-config>
Then add a reference to this file in your app's manifest, as follows:

<?xml version="1.0" encoding="utf-8"?>
<manifest ... >
    <application android:networkSecurityConfig="@xml/network_security_config" ... >
        ...
    </application>
</manifest>

所以我需要...

  1. 添加以上配置
  2. 构建
    debug build
最新问题
© www.soinside.com 2019 - 2024. All rights reserved.