PaulDotCom mailing list archives
Android Emulator intercepting SSL Traffic
From: Dimitrios Kapsalis <dimitrios () gmail com>
Date: Tue, 20 Dec 2011 09:34:36 -0600
The android emulator appears to have strict SSL enforced and thus is limiting my ability to test traffic of my application through burp proxy and other proxies. Given my understanding, the android device and emulator have a trusted cacerts store on the device similar to that which is part of the JRE. By adding the certificate authority proxy cert to the cacerts then the proxy should be able to view the SSL traffic as the certificate checks would pass. I've performed the below steps and still my app's traffic is not visible in burp proxy. Any tips or ideas? 1. Start up the emulator 2. Use adb to pull the cacerts.bks file from /system/etc/security 3. Use keytool with the bouncycastle jar (bcprov-1.44.jar) as the cacerts is using BKS as the store type 4. Use keytool to list the certificate based on the alias provided during import, the cert is then listed correcty. 5. Mounted /system as read/write on the emulator and pushed the updated cacerts.bks to the emulator. 6. Used mkfs.yaffs2.arm to make a system.img 7. Pulled system.img from emulator and replaced it as the image for the emulator to load from. This is required to persist the updates as the emulator would not "remember" the cacert store I provided it. 8. Test application. thanks!
_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Android Emulator intercepting SSL Traffic Dimitrios Kapsalis (Dec 20)