macOS
How to install Certificate and decrypt HTTPS Request/response in macOS device. Support Automatic and Manual steps
Last updated
How to install Certificate and decrypt HTTPS Request/response in macOS device. Support Automatic and Manual steps
Last updated
In order to intercept encrypted HTTPS messages (Request or Response), you have to install Proxyman CA Certificate on your current machine. This step is mandatory for iOS, Android devices, iOS simulators, Java VMs, and Firefox too.
You can install the Proxyman CA Certificate by navigating to
Certificate menu -> Install Certificate on this Mac...
The Proxyman Certificate is a self-signed certificate, which is generated in your machine. Proxyman never stores or transmits any personal data to Proxyman's server or 3rd-party.
Please check out the Privacy Statement to understand what Proxyman obtains or not.
If you'd like to manually generate a Certificate on your machine then adding to Proxyman. Please check out the Custom Certificate Doc
Proxyman's certificate is store locally at ~/.proxyman or ~/Library/Application Support/com.proxyman.NSProxy/certificates/
Proxyman could automatically install & trust the Certificate in Keychain by following the instruction in the following screenshot.
It's convenient for the majority of users and we can start debugging now.
Automation mode requires Root Privileges to perform the installation script. If you're not sure, please consider using Manual mode.
In automatic mode, Proxyman will automatically perform two steps:
Generate a local Proxyman Certificate at ~/.proxyman/proxyman-ca.pem
Install & Trust the certificate to System Keychain Access. It requires Root Privileges to execute the following CLI:
sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain ~/.proxyman/proxyman-ca.pem
Proxyman also offers more freedom for super-users who need to install the certificate on their behalf.
You can select one of the following approaches:
Generate and Add: Proxyman will locally generate the certificate and add it to Keychain, but not Trust automatically.
Add your Custom Certificate: Proxyman will open Custom Certificate and help you manually generate a certificate by using the OpenSSL command line. This feature intends for advanced users.
Make sure you select the "System Keychain" when adding the certificate to Keychain Access.
If you would like to manually generate a Root Certificate that works with Proxyman, please check out the Custom Certificate Doc
Make sure that your machine trusts Proxyman Certificate properly.
Open Keychain Access app -> Search Proxyman CA -> Double Click on the certificate -> Expand the Trust Section -> Select "Always Trust" -> Quit and Save the change.
If you've done it correctly, Proxyman will display " ✅ Installed and Trusted" status.
If you are not sure how to trust the certificate on the Keychain Access app. You can open the Terminal app and execute the command:
sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain ~/.proxyman/proxyman-ca.pem
Make sure that you Delete the Proxyman Certificate in Keychain app if you're not using Proxyman anymore. If not, anyone who has the Proxyman Certificate can intercept your HTTP/HTTPS requests from your macOS machine.
