Links

SSL Error from HTTPS Request/Response

1. Problems

  • You could not see any HTTPS traffic on the Proxyman app
  • You get SSL Error from HTTPS Requests and Responses.
  • You get SSL Handshake Failed

2. Solution

There are many reasons why SSL Handshake Failed, please walk through the below steps to address the problem.

2.1 Mobile devices

iOS Device

  • Follow this iOS Guide -> Make sure you've installed & trusted the Proxyman CA Certificate on your device.
  • If you're intercepting some popular apps (e.g Facebook, Instagram, Apple, Whatsapp, ...): They are protected by SSL Pinning -> Impossible to intercept them.
  • Verify that your iOS app doesn't have SSL Pinning. If yes, please disable it.

iOS Simulator

Follow this iOS Simulator Guide -> Make sure you've installed & trusted the Proxyman CA Certificate on your device.

Android Device

  • Follow this Android Device Guide -> Make sure you've installed & trusted the Proxyman CA Certificate on your device.
  • Verify that the 5th step is completed (by adding your domain to two files: res/xml/network_security_config.xml and AndroidManifest.xml)
  • If you're trying to intercept Android apps that you're not an owner -> It isn't possible to intercept -> ❌

Android Emulator

  • Follow this Android Emulator Guide -> Make sure you've installed & trusted the Proxyman CA Certificate on your device.
  • Verify that the 5th step is completed (by adding your domain to two files: res/xml/network_security_config.xml and AndroidManifest.xml)
  • If you're trying to intercept Android apps that you're not an owner -> It isn't possible to intercept -> ❌

React Native app

Flutter

If you've tried and verified all the above steps, but still get SSL Errors?

Verify that you're able to see HTTPS Request/Response from https://google.com without any errors

  1. 1.
    Get your devices
  2. 2.
    Open the Web Browser (Safari on iOS or Google Chrome on Android)
  3. 3.
    Visit https://google.com
  4. 4.
    Select "Enable SSL Proxying" on this domain on the Proxyman app for macOS
  5. 5.
    Verify if you're able to see the HTTPS Response or not.

✅ Success

  1. 1.
    You're able to see https://google.com HTTPS Response, which means you set up the Certificate correctly -> It's good ✅
  2. 2.
    The problem might be from your apps. Let's try again on your domains/apps -> If the SSL Error still happens, a high chance that this app is protected by the SSL Pinning.
  3. 3.
    If you believe that it's not an SSL Pinning case, please open a ticket on Github (Please mention what device, OS Version, app name, etc)

❌ Failed!

  • It seems Proxyman Certificate is not installed or trusted correctly in your devices. Please go back to the 2.1 Mobile Device section and follow it.
  • If you verify that everything is done, but the SSL Error still happens, please open a ticket on Github (Please mention what device, OS Version, app name, etc)

2.2 Macbook or Windows PC

I get SSL Errors from:
Some networking libraries (Ruby, NodeJS, Python, Golang) don't trust the self-signed certificate by default. We have to explicitly tell the library to trust the certificate.
=> To fix it, please google "<Your framework/library> self-signed certificate", a found some answers on StackOverflow.

2.3 SSL-Pinning?

  • You're still unable to see HTTPS Response on your app, it seems that your app is protected by SSL-Pinning, which prevents MitM apps to see the content. All popular apps (Facebook, Apple, Instagram, Messenger, etc) have this feature.
  • Please temporarily disable SSL-Pinning and try again.
If you've tried everything but are not sure what is wrong? Please open a Github ticket.
Please also mention: Proxyman macOS/Windows, Proxyman version, your iOS/Android device, etc.