top of page

Decrypting HTTPS traffic

In Web and Internet development you are unable to see what is being sent and received between your web browser / client and the server. Without this visibility it is difficult and time-consuming to determine exactly where the fault is.

While there are a lot of proprietary SSL Proxy products available in the market. I have tested a product named Charles Proxy and found it to be a great Product. While Charles is not open source you can try the product for 30 days for free and make you a decision of purchase, If you often want to sniff HTTPS traffic as part of your job or development I would say its worth a buy.



Charles is an HTTP proxy / HTTP monitor / Reverse Proxy that enables a developer to view all of the HTTP and SSL / HTTPS traffic between their machine and the Internet. This includes requests, responses and the HTTP headers.


▒ Explanation of Charles using Windows:


Here you can see the contents of my blog


Now let's decrypt!


#1) Help >> SSL Proxying >> Install Charles Root Certificate;

#2) Install Certificate;

#3) Local Machine;

#4) Choose repository;

#5) 2nd option (Trust Root Certification)


#6) Clear the current session;


#7) Proxy >> SSL Proxying Settings;

#8) Enable SSL Proxying;

#9) Click on Add at "include" option;

#10) Type * on host and OK.


#11) Clear the current session;

#12) Open website that you install the certification and see the magic:


So there are numerous possibilities and scenarios you can fulfil with this and perform high-level network and application debugging with this. In fact. Charles proxy can even be used for Mobile App Debugging and to sniff HTTPS traffic between Mobile App and to the Server.



44 views0 comments

Recent Posts

See All

Cyrillic Alphabet

Exploring the Cyrillic Alphabet: A Beginner's Guide Have you ever come across the Cyrillic alphabet and wondered what it's all about? Maybe you've seen it on Russian websites, or perhaps you've notice

MacOS | Recording a Packet Trace

A packet trace is a record of traffic traveling across the network. It’s useful for investigating complex network problems related to both correctness and performance. Once you start a packet trace on

DNS Guard

Absolutely everything is connected to the internet these days, from TV to smart light bulbs, from mobile devices to smart cars. Given those ads and ad trackers are everywhere on the Internet, a browse

Comments


bottom of page