SensehacK | Kay's Second 🧠

    Charles_Proxy

    Debugging

    Enable SSL proxying for specific URLs or wildcards if needed.

    Process

    Charles generates a .pem file - Privacy Enhanced Mail (PEM) or Base64 encoded certificate as per Charles dialog box.
    How .pem file differs from regular old OpenSSL key file - good thread to read here

    -----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgIGAYlG5S1aMA0GCSqGSIb3DQEBCwUAMIGvMUAwPgYDVQQDDDdDaGFybGVz+VY=
-----END CERTIFICATE-----

    Generating one is easy while using fastlane tool on macOS
    docs fastlane | pem

    Generate Certificate

    Go to Charles -> Help -> SSL Proxying -> Save Charles Root Certificate.
    You can save it as .pem Base 64 encoded certificate or
    .cer Binary Certificate

    tvOS

    Prerequisites

    If you want to configure for a physical tvOS apple tv 4K, you need few things to set it up.

    Steps

    • create charles proxy from Menu -> Help -> SSL Proxying -> Save Charles Root Certificate... ” save it as .cer Binary Certificate downloadedProfile.cer
    • Apple configurator -> File -> New Profile -> Name the profile "customTVOS_proxy" -> Select "Wifi", click "Configure"
    • Fill your usual Wifi SSID (name: WifiName) & make sure Proxy Setup is selected to manual with provided ProxyMan Server and Port address eg. 10.0.0.22:9090
    • select “Certificates” → Click “Configure” → upload the downloadedProfile.cer file that you previously downloaded & renamed.
    • save the profile tvOSProxyProfile.mobileconfig at accessible location & open a terminal at that $pwd
    • Run a temporary http server using node
    • Make sure appleTV is on the same Wifi network 2.4 or 5Ghz and open Settings -> General -> Privacy & Security -> Share Apple TV Analytics. Press apple tv remote physical button Play/Pause new window will appear.
    • Select Add Profile, add the mac http server ip address with port and local file complete path. eg: http://10.0.0.22:8033/tvOSProxyProfile.mobileconfig (easier to copy paste from mac shared clipboard to iPhone + tv remote Input prompt)
    • Select "Install", few times and then we need to trust the certificate by heading over to Settings -> General -> About -> Certificate Trust Settings -> Click on Proxy Profile -> “Continue”.
    • You may need to reenter your WiFi credentials again since for me it got disconnected once with tvOS 17.0 - apple TV 4K 2023.

    Now you can see the logs of Apple tv 4K on Charles Proxy. I believe similar steps could be performed for proxyman

    macOS

    You need install on root device - certificate & trust that certificate in Keychain manager.

    After that you need to select proxy -> enable macOS proxy from menu bar.

    setup charles on mac

    Simulator

    You need to setup the same steps like a real device.

    Make sure you are listening for traffic on your computer. Go to the menu Proxy > macOS Proxy.

    how-to-set-up-charles-proxy-for-an-ios-simulator

    I was able to get past this error on ios simulator, webkit safari OAuth API call

    Safari can't open the page because the network connection was lost.

    charles docs | ssl certificates

    Troubleshooting

    My internet connection doesn't work

    Probably your Charles proxy server is being deallocated from the memory by OS schedulers. Check Task Manager | Activity Monitor just to see if the app is still consuming and listening for network events properly.

    Charles Profile doesn't download certificate .pem file

    For me reinstalling the app and restarting the iPhone usually helps.
    But to be extra cautious, check whether you have added 0.0.0.0/0 to the
    Proxy > Access Control Settings to give access to all the devices trying to route their proxy network traffic and give all iPv4 range table access to be allowed by default. It makes you avoid that pesky Allow | Deny confirmation dialogue box for the Access Control Settings
    Also double check Allow List in Tools Menu is being enabled, disable that option if you don't want a whitelisted option for specific domains.

    Charles Profile doesn't show up on iOS Settings App

    It is likely that your default browser is not Safari Apple kinda makes it PITA to always use their proprietary browser in order to do configuration profiles or certificates installs. I was using Firefox on iOS (Internal engine is still safari WebView WebKit Engine) with default browser selected as well since Deeplinks usually don't work on non default browser sometimes. But opening it on Safari with website http://chls.pro/ssl worked for me this time.

    Network requests shows unknown data

    You need to go to Settings -> General -> About -> Certificate Trust Settings and toggle Enable Full Trust for Root Certificates

    Can no longer browse Internet without Charles

    charles proxy FAQ steps

    video playback buffering

    DelioPlayer Media Failed. Description:1012.10 (Fairplay DRM):`The DRM delegate failed to acquire a license. (Delio)` Context: `(DelioPlayer) DRM Error` Delio Error Info 9004: `DelioError code:couldNotAcquireLicense.(9004)
assetURL:[http://ccr.linear-tve-ashburn-](http://ccr.linear-tve-sa-vss.top.sa.net/v1/frag/bmff/enc/cbcs/t/.m3u8?sz=urn:scte:224:audience:Zip:21412)


errorDescription" : "1001.2 (General Errors):`An unspecified network error occurred.` Context: `(DelioPlayer) Delio Error` Delio Error Info 4003: `DelioError code:playlistDeliveryUnableToDeliverPlaylist.

    Turns out de-provisioning the security DRM client on the physical device solved this issue. Logging out and back works.

    Other issues

    Copied from another article

    Charles shows garbled text in HTTPS request content– Check that Enable SSL Proxying is checked in SSL Proxying Settings
    – Check that your host list contains the host that you are looking to decrypt
    – Check that the Charles SSL Certificate is installed on your Mac or external device (whichever device sends out the data needs to have the certificate installed)
    Charles doesn’t show any requests or Charles shows fewer requests than expected– Check that you have no active VPN connections. Charles often times doesn’t work well over VPN
    – Check that you have started recording (the red/black button on the main Charles toolbar)
    – Try removing your request filter
    – Uncheck “Focused” to make sure there are no filters under Focused Hosts
    – If browser testing, disable all add blocker and cross-check with another browser
    – If you are attempting to proxy an external device, make sure that you are on the same network.
    – Offices sometimes have strict firewalls and router settings that may block proxying in general or specifically block port 8888, which Charles listens on. Check with IT or try proxying with a more advanced hotspot Charles method.

    Rewrite

    Rule in charles

    Go to Tools -> Rewrite

    Rewrite Dialog

    Enable the toggle Enable Rewrite

    Add + icon name rewrite_rule_503_server

    Make sure you enable the rule you just created eg rewrite_rule_503_server

    Location

    Add location of the URLs
    Paste the whole URL and its path (absolute)
    Or you can use whildcards

    Enable the Location URL arrays.

    Action

    Add Rewrite type -> Response Status

    Match dialog -> Value of "Input" eg. 200

    Replace dialog -> Value of "Output" eg. 503 / Internal server error.

    Press Done

    Export / Import

    You can share ur data to your team members in order to better replicate a certain scenario.

    Resources

    Kodeco | charles-proxy-tutorial-for-ios

    Charles Proxy blocking SSL traffic on Android