Links

SSL Proxying

Capture and intercept the HTTPS message

SSL Proxying

Proxyman can be used as a man-in-the-middle that logs all HTTP/HTTPS traffic between your applications and SSL Web Server. Proxyman will dynamically generate certificates on the fly, which enables developers to see HTTPS in plain text.

Include List and Exclude List

You can define rules for:
  • Include List: Intercept the traffic from apps/domains if it's in the include list
  • Exclude List: Ignore all traffic from app/domains in Exclude List
⌘⌥P to quickly open the SSL Proxying List.

Apps / Domains / Wildcards

Proxyman supports several formats to define a rule:
  • By app: Intercept all traffic that goes from this app
  • By Domain: Intercept all traffic from this domain
  • Wildcard: If it's matched, we intercept it
For instance,
Wildcard
Description
*
Intercept ALL traffic
*.domain.com, *.apple.com
Intercept all domains that have suffix domain.com, e.g: v1.domain.com, data.domain.com, health.apple.com, ...
v?.domain.com
Intercept all domains that match the rule e.g: v1.domain.com, v2.domain.com

How does it work?

Setup Proxyman Certificates

It's crucial to set up the Proxyman Certificate before intercepting any HTTPS requests. You can follow the macOS setup Guide to install and trust the certificate properly.

How to enable SSL Proxying on a particular domain or app

There are two ways to enable SSL Proxying, which are by App or By Domain.
  • Right-Click on the app or domain on the Left Panel -> Enable SSL Proxying
Right-click on the app and enable HTTPS Response
  • Right-Click on the request -> Enable SSL Proxying
Right-Click on the flow and enable HTTPS Response
  • Select the request and enable SSL Proxying on the Response Panel.