SSL Proxying
Capture and intercept the HTTPS message
Proxyman can be used as a man-in-the-middle that logs all HTTP/HTTPS traffic between your applications and SSL Web Server. Proxyman will dynamically generate certificates on the fly, which enables developers to see HTTPS in plain text.
You can define rules for:
- Include List: Intercept the traffic from apps/domains if it's in the include list
- Exclude List: Ignore all traffic from app/domains in Exclude List
⌘⌥P to quickly open the SSL Proxying List.
Proxyman supports several formats to define a rule:
- By app: Intercept all traffic that goes from this app
- By Domain: Intercept all traffic from this domain
- Wildcard: If it's matched, we intercept it
For instance,
Wildcard | Description |
* | Intercept ALL traffic |
*.domain.com, *.apple.com | Intercept all domains that have suffix domain.com, e.g: v1.domain.com, data.domain.com, health.apple.com, ... |
v?.domain.com | Intercept all domains that match the rule e.g: v1.domain.com, v2.domain.com |
- By default, Proxyman will use Proxyman Root Certificate to do SSL between the client and the server. Proxyman Root Certificate is locally generated on your machine during "Install Certificate on macOS".
- You can manually generate your own self-signed certificate and add to Proxyman to comply with your Company Security Policy.
It's crucial to set up the Proxyman Certificate before intercepting any HTTPS requests. You can follow the macOS setup Guide to install and trust the certificate properly.
There are two ways to enable SSL Proxying, which are by App or By Domain.
- Right-Click on the app or domain on the Left Panel -> Enable SSL Proxying
Right-click on the app and enable HTTPS Response
- Right-Click on the request -> Enable SSL Proxying
Right-Click on the flow and enable HTTPS Response
- Select the request and enable SSL Proxying on the Response Panel.