-
-
Notifications
You must be signed in to change notification settings - Fork 3.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
mitmproxy for says 'sslv3 alert certificate unknown' for traffic from Android #5458
Comments
After following the https://docs.mitmproxy.org/stable/concepts-certificates/#certificate-pinning (objection method) to unpin the certificates in the desired APKs I was able to see the traffic in the mitmproxy. |
Is there any certificate unpinning methods for .net applications? |
Hello, maybe a bit late, but I faced the same problem. Before mitmproxy I was using HTTP Toolkit and it worked just fine for every application I needed on my rooted device. It could install the necessary certificate as a systems one so the applications that are not using pinned certificates wont complain. The problem with mitmproxy was that trying to just manually add the certificate to /system/etc/security/cacerts/ via adb shell was not working as expected (the file was successfully added to the directory, but not shown in system certificates in settings), so I tried to find out how does HTTP Toolkit does that. Here is the source from their repository on GitHub source that was modified to be shown here. Supposing that you define a variable CERT_FILE as the name of the certificate file stored in /sdcard directory, use a script with this code:
Here you have the instrucctions:
(<cert_file> is the name of the certificate file such as c8750f0d.0) Hope someone gonna need this answer! |
Problem Description
MITM proxy that Android device want to use reports
sslv3 alert certificate unknown
after installing the mitmproxy CA certificate according to #2054 and #4838 comments. The certificate is installed under trusted System credentials (not user), in the/system/etc/security/cacerts/c8750f0d.0
file:-rw-r--r-- 1 root root 4267 2022-07-15 18:45 c8750f0d.0
The message like this is displayed for every request originating from the Android device.
I've tested the mitmproxy access to the same site from PC web browser and works as expected and I can see the traffic in mitmproxy without any errors/warnings in the event log (with the same certificate). It does not seem like a mitmproxy issue, but for some reason Android apps (tried ddg browser and another 3rd party app) do not pick up the certificate. The Android version is rather old , Android 9 from 2019, Lineage OS 16.0. I've been using mitmproxy with this exact Android device couple of years ago and it worked fine (I had to reinstall the MITM proxy certificates today FWIW).
System Information
The text was updated successfully, but these errors were encountered: