[squid-users] Installing certificate on Andriod to use with SSL-bump
Amos Jeffries
squid3 at treenet.co.nz
Wed Jun 10 16:22:51 UTC 2015
On 10/06/2015 4:46 p.m., dkandle wrote:
> I would like to be able to inspect traffic from my android device. I have a
> transparent squid proxy working with SSL bump (using WiFi to get traffic
> through my proxy server). Everything works fine as long as I go through a
> browser. But I would like to see the other traffic which the OS and other
> apps are sending. Squid uses a certificate I generated for the web sites and
> I create an exception for those without issue.
> If I install my certificate on the phone will it then accept the certificate
> when squid returns it during the ssl setup?
Maybe.
> To be clear, I see the phone use
> port 443 to setup a secure session. However it rejects the certificate (as
> it should) and terminates the session with no data being passed. I can
> install my certificate on the phone, but will the android OS use that
> certificate for all services or only for browser sessions?
Maybe.
> If not, is there
> some other way I can get my fake certificate accepted for all sessions for
> which it is used?
Only by adding the CA cert your Squid signs with to the OS certificate
set. Whether it is actually used from there is application specific and
none of us have control over that.
Amos
More information about the squid-users
mailing list