Proxyman can be used as a man-in-the-middle that logs all HTTP/HTTPS traffic between your applications and SSL Web Server. Proxyman will dynamically generate certificates on the fly, which enables developers to see HTTPS in plain text.
You can define rules for:
Include List: Intercept the traffic from apps/domains if it's in the include list
Exclude List: Ignore all traffic from app/domains in Exclude List
Proxyman supports several formats to define a rule:
By app: Intercept all traffic that goes from this app
By Domain: Intercept all traffic from this domain
Wildcard: If it's matched, we intercept it
Intercept ALL traffic
Intercept all domains that have suffix domain.com, e.g: v1.domain.com, data.domain.com, health.apple.com, ...
Intercept all domains that match the rule e.g: v1.domain.com, v2.domain.com
By default, Proxyman will use Proxyman Root Certificate to do SSL between the client and the server. Proxyman Root Certificate is locally generated on your machine during "Install Certificate on macOS".
You can manually generate your own self-signed certificate and add to Proxyman to comply with your Company Security Policy.
It's crucial to set up the Proxyman Certificate before intercepting any HTTPS requests. You can follow the macOS setup Guide to install and trust the certificate properly.
There are two ways to enable SSL Proxying, which are by App or By Domain.
Right-Click on the app or domain on the Left Panel -> Enable SSL Proxying
Right-Click on the request -> Enable SSL Proxying
Select the request and enable SSL Proxying on the Response Panel.