Problems encountered

Google changed its security policy starting with Android 7: user-added CA certificates can no longer be used for secure connections, which means the Charles certificate you install yourself is no longer used. The following error occurs when we try to capture HTTPS traffic:

2019-02-11 14:27:12.232 8913-8954/? W/System.err: javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
    at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:361)
    at com.android.okhttp.Connection.connectTls(Connection.java:235)
    at com.android.okhttp.Connection.connectSocket(Connection.java:199)
    at com.android.okhttp.Connection.connect(Connection.java:172)
    at com.android.okhttp.Connection.connectAndSetOwner(Connection.java:367)
    at com.android.okhttp.OkHttpClient$1.connectAndSetOwner(OkHttpClient.java:130)
    at com.android.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:329)
    at com.android.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:246)
    at com.android.okhttp.internal.huc.HttpURLConnectionImpl.execute(HttpURLConnectionImpl.java:457)
    at com.android.okhttp.internal.huc.HttpURLConnectionImpl.connect(HttpURLConnectionImpl.java:126)
    at com.android.okhttp.internal.huc.DelegatingHttpsURLConnection.connect(DelegatingHttpsURLConnection.java:89)
    at com.android.okhttp.internal.huc.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java)
    at com.example.android.sdk.http.HttpRequest.execute(HttpRequest.java:73)
    at com.example.android.sdk.http.HttpRequest$1.run(HttpRequest.java:110)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1133)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:607)
    at java.lang.Thread.run(Thread.java:761)
Caused by: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
    at com.android.org.conscrypt.TrustManagerImpl.verifyChain(TrustManagerImpl.java:563)
    at com.android.org.conscrypt.TrustManagerImpl.checkTrustedRecursive(TrustManagerImpl.java:444)
    at com.android.org.conscrypt.TrustManagerImpl.checkTrustedRecursive(TrustManagerImpl.java:508)
    at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:401)
    at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:375)
    at com.android.org.conscrypt.TrustManagerImpl.getTrustedChainForServer(TrustManagerImpl.java:304)
    at android.security.net.config.NetworkSecurityTrustManager.checkServerTrusted(NetworkSecurityTrustManager.java:94)
    at android.security.net.config.RootTrustManager.checkServerTrusted(RootTrustManager.java:88)
    at com.android.org.conscrypt.Platform.checkServerTrusted(Platform.java:178)
    at com.android.org.conscrypt.OpenSSLSocketImpl.verifyCertificateChain(OpenSSLSocketImpl.java:596)
    at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
    at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:357)
    ... 16 more
Caused by: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
    ... 28 more

Solution 1

If the device is not rooted, follow the official Android documentation directly: developer.android.com/training/ar… However, this method has a limitation: it can only capture the traffic of your own app, not of third-party apps, and it is cumbersome to set up.

Solution 2

This article focuses on this method, which solves the problem once and for all: installing the Charles certificate as a system certificate.

1. Make sure the phone is rooted

I won’t go into how to root the device here.

2. Download the certificate

Following Charles’ help, browse to chls.pro/ssl to download the certificate. You can download it on the device and adb pull it to your computer, or download it directly in your computer’s browser.

3. Rename the certificate

System certificates are stored in the directory /system/etc/security/cacerts, where we see file names of the form

<Certificate_Hash>.<Number>

To calculate the hash value of the certificate file, run openssl x509 -subject_hash_old -in <Certificate_File>

4. Upload the certificate

We adb push the renamed certificate to /sdcard/Download, then copy it into the /system/etc/security/cacerts/ folder.

mount -o rw,remount /system


adb root
adb disable-verity
adb reboot
adb remount
adb shell
mount -o rw,remount /system

After copying, change the file permissions to 644 and restart the device
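
Steps 3 and 4 combined into one script, as an added example that is not part of the original article: it derives the `<Certificate_Hash>.<Number>` name, picks a free number if that hash is already present, copies the file and sets mode 644. The function names and the `charles.pem` file name are assumptions, and it expects `adb root` and `adb remount` from step 4 to have already succeeded on a rooted test device.

```sh
#!/bin/sh
# Added example (not from the original article). Assumes a rooted test device
# on which "adb root" and "adb remount" from step 4 have already succeeded.
CACERTS=/system/etc/security/cacerts

# Legacy (MD5-based) subject hash that Android uses as the CA file name.
subject_hash() {
    openssl x509 -subject_hash_old -noout -in "$1"
}

# Succeeds only for exactly 8 lowercase hex digits, so openssl error text
# or an empty string never ends up in a path under /system.
valid_hash() {
    case $1 in
        *[!0123456789abcdef]*) return 1 ;;
    esac
    [ "${#1}" -eq 8 ]
}

# Reads existing file names (one per line) on stdin and prints the first
# unused <hash>.<n>; CAs sharing a subject hash are stored as .0, .1, ...
next_free_name() {
    nf_existing=$(cat)
    nf_n=0
    while printf '%s\n' "$nf_existing" | grep -qx "$1\.$nf_n"; do
        nf_n=$((nf_n + 1))
    done
    printf '%s.%s\n' "$1" "$nf_n"
}

install_ca() {
    ca_hash=$(subject_hash "$1") || return 1
    valid_hash "$ca_hash" || { echo "unexpected hash: $ca_hash" >&2; return 1; }
    ca_name=$(adb shell ls "$CACERTS" | tr -d '\r' | next_free_name "$ca_hash")
    adb push "$1" "/sdcard/Download/$ca_name" || return 1
    adb shell "cp /sdcard/Download/$ca_name $CACERTS/$ca_name &&
               chmod 644 $CACERTS/$ca_name &&
               ls -l $CACERTS/$ca_name" || return 1
    adb reboot
}

# Usage: sh install_ca.sh charles.pem   (file name is a placeholder)
[ "$#" -eq 0 ] || install_ca "$1"
```

Running it twice with the same certificate installs a second copy under the next number, so delete the earlier file from the cacerts directory before reinstalling.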

5. Verify the results

Go to Settings -> Security -> Trusted credentials, where we can see