Android抓去HTTPS流量配置笔记(charles篇)
charles主要通过SSL配置,实现对https协议数据的抓取。在工作过程中经常会碰到一些问题,这边题主就自己使用过程中配置遇到的问题进行笔记。
服务端代理设置
—>代理菜单—打开windows代理勾选
—>代理设置—代理设置
—>代理设置—SSL代理设置
客户端安全证书设置
—>帮助—SSL代理—导出charles根证书(保存成pem格式)
—>证书处理—证书重命名:计算证书的hash值并重新命名
openssl x509 -subject_hash_old -in charles.pem(只能计算pem格式的证书)
cec7d08c
-----BEGIN CERTIFICATE-----
MIIEmzCCA4OgAwIBAgIGAYjIuTDeMA0GCSqGSIb3DQEBCwUAMIGnMTgwNgYDVQQD
DC9DaGFybGVzIFByb3h5IENBICgxNyBKdW4gMjAyMywgREVTS1RPUC1BOEVPVUtO
KTElMCMGA1UECwwcaHR0cHM6Ly9jaGFybGVzcHJveHkuY29tL3NzbDERMA8GA1UE
CgwIWEs3MiBMdGQxETAPBgNVBAcMCEF1Y2tsYW5kMREwDwYDVQQIDAhBdWNrbGFu
ZDELMAkGA1UEBhMCTlowIBcNMDAwMTAxMDAwMDAwWhgPMjA1MjA4MTMwOTM5MTla
MIGnMTgwNgYDVQQDDC9DaGFybGVzIFByb3h5IENBICgxNyBKdW4gMjAyMywgREVT
S1RPUC1BOEVPVUtOKTElMCMGA1UECwwcaHR0cHM6Ly9jaGFybGVzcHJveHkuY29t
L3NzbDERMA8GA1UECgwIWEs3MiBMdGQxETAPBgNVBAcMCEF1Y2tsYW5kMREwDwYD
VQQIDAhBdWNrbGFuZDELMAkGA1UEBhMCTlowggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrfPUcu7ruWQqrlrUTr6NIQNebIMZywlUPaLiVaf8Qv3dVZI2W
A9b8u1xk9UKiyinIwYI8TsOr00n5ETgudaSJgfITfG3R31Ardb1DcdA5zpUFr5rz
WmGymScbcybb+yhn2nquPpFueSPBTVa8+3iyGhPeoY1uvgJ9law9HVYar8D251nb
8Iqvd9OZOrOAnDtvYdAGZnZ6nM3oX/B5kRNv/aiVkIqcIBcq6I2qTCSuBmL82Mbk
dd3b8cjmcSZg+oLRPDoR2yXivgqy/Sb3YpES8hvcQoV7Z8maM878E+u2xtRTAuTc
hEEV949zYYUkJMbL0X0AZHgIRmm5EUncWAN9AgMBAAGjgcgwgcUwDwYDVR0TAQH/
BAUwAwEB/zCBggYJYIZIAYb4QgENBHUTc2Q5wWYxQ2hhcmxlcyBQcm94eTpTU0zj
Bh8QLoKcZMFmL8Fm/oQA6AYsGWg6qGMoT8hDaGFybGVzIFByb3h5LHY6ZFHZLyiG
U1NM4wYu9+ULIGh0dHA6Ly9jaGFybGVzcHJveHkuY29tL3NzbIbj9Brhby4wDgYD
VR0PAQH/BAQDAgIEMB0GA1UdDgQWBBTJF37eiHd37JWd0V0w6GOhId992TANBgkq
hkiG9w0BAQsFAAOCAQEAqVbsXhSmYOe/hKd5oU9XoF2D8JKu2OyjHfXLt/gYdgCB
fEOqHfOpmyB5Ekvztf8luoin9fli/+19qn6YHlnpz8m5TgOD0gvqR8qw8GxkACpG
PaCEXWum3UGONvlqN7VszboYMcqgLgFWBc8TRnr3aII0prTIq+uB9Mtc9M3Kf7yr
KjSQmumIWT1kLElPeqCZSCL6CMgWfTfwhMGnHEtZbqZUIE7BrjpE+SXPHfd5PFXS
xvkxe1WV0Z/J8jg38oiwgmmwMv3qpFIQ11HJKeYHz+F5lWFpmn2JKBD24FWV/sX5
OsZXHEbddq7AY+xWUdhBEI0GrAr2YYRWaw3a4zy9mw==
-----END CERTIFICATE-----
将charles.pem文件名更改为:cec7d08c.pem
—>证书导入模拟器—/system磁盘重挂载问题
adb devices #连接雷电模拟器
adb root #获取root权限
adb remount #重新挂载磁盘
adb push cec7d08c.0 /system/etc/security/cacerts/cec7d08c.0
reboot
—>完成(此处补充openssl常用的一些命令)
#知识盲点补充:证书格式总的只有两种,分别是:PEM、DER。其中,DER格式的证书可以有两种后缀名,分别为der和crt。
#证书转换:crt/der转pem
openssl x509 -in charles.crt -inform DER -out charles.pem -outform PEM
#证书转换:pem转der
openssl x509 -in charles.pem -inform PEM -out charles.crt -outform DER