Charles: Difference between revisions
(11 intermediate revisions by the same user not shown) | |||
Line 10: | Line 10: | ||
=Operations= | =Operations= | ||
==Obtain/Set Proxy Port== | |||
Go to Proxy -> Proxy Settings -> HTTP Proxy -> Port. | |||
==Configure SSL Proxying== | ==Configure SSL Proxying== | ||
Line 21: | Line 25: | ||
* localhost.apple.com:443 | * localhost.apple.com:443 | ||
* kibana.apps.openshift.novaordis.io:443 | * kibana.apps.openshift.novaordis.io:443 | ||
==Capture localhost Requests== | |||
{{External|[https://www.charlesproxy.com/documentation/faqs/localhost-traffic-doesnt-appear-in-charles/ Localhost traffic doesn't appear in Charles]}} | |||
Some systems are hard coded to not use proxies for localhost traffic, so when you connect to http://localhost/ the corresponding traffic does not show up in Charles. | |||
There are several solutions to this problem: | |||
* Connect to http://localhost.charlesproxy.com/ instead. This points to the IP address 127.0.0.1, so it should work identically to localhost, but with the advantage that it will go through Charles. This will work whether or not Charles is running or you're using Charles. If you use a different port, such as 8080, just add that as you usually would, e.g. localhost.charlesproxy.com:8080. You can also put anything in front of that domain, e.g. myapp.localhost.charlesproxy.com, which will also always resolve to 127.0.0.1. | |||
* Try adding a '.' after localhost | |||
* Replace localhost with the name of your machine, or use your local link IP address (eg. 192.168.1.2). http://nombp3.local:8080/ works. | |||
* If Charles is running and you're using Charles as your proxy, you can also use local.charles as an alternative for localhost. Note that this only works when you're using Charles as your proxy, so the above approaches are preferred, unless you specifically want requests to fail if not using Charles. | |||
==Export the Root Certificate== | ==Export the Root Certificate== | ||
Exporting the root certificate is necessary when we proxy a Java application that sends HTTPS requests | Exporting the root certificate is necessary when we proxy a Java application that sends HTTPS requests and we need Charles to be able to look inside those requests. All Java applications that use HttpClient will work based on this procedure. | ||
To export: Help -> SSL Proxying -> Save Charles Root Certificate | |||
Use the default format "Base 64 encoded certificate (.crt)". | Use the default format "Base 64 encoded certificate (.crt)". | ||
Line 34: | Line 50: | ||
{{Internal|Configure a Java HTTP Client to Accept Self-Signed Certificates|Configure a Java HTTP Client to Accept Self-Signed Certificates}} | {{Internal|Configure a Java HTTP Client to Accept Self-Signed Certificates|Configure a Java HTTP Client to Accept Self-Signed Certificates}} | ||
==Install Charles Root Certificate== | |||
===Install the Root Certificate on Mac=== | |||
Help -> SSL Proxying -> Install Charles Root Certificate. | |||
This will install the self-signed root certificate in Keychain Access. | |||
You will then need to navigate to it, select Trust then "When using this certificate Always Trust" | |||
===Install the Root Certificate in Chrome=== | |||
1. [[Charles#Export_the_Root_Certificate|Export the root certificate]] in ~tmp. | |||
2. Go to Preferences -> Advanced -> Manage Certificates. | |||
3. Go to the Trusted Root Certification Authorities tab. If on Mac, you will be sent to Mac Keychain Access. If Charles was previously used to "Install Charles Root Certificate", the root certificate should already be available there and there should be nothing else to do. | |||
==Recording Settings== | ==Recording Settings== | ||
Include/Exclude | Include/Exclude | ||
==Using curl with Charles== | |||
Obtain the local proxy port, as shown above in [[#Obtain.2FSet_Proxy_Port|Obtain/Set Proxy Port]]. It is usually 8888. Then: | |||
curl -x http://localhost:8888 ... |
Latest revision as of 21:01, 16 May 2019
External
- http://www.charlesproxy.com/documentation/
- http://www.charlesproxy.com/documentation/using-charles/
- http://blog.mediarain.com/2009/08/iphone-http-connection-debugging/
- http://www.charlesproxy.com/documentation/using-charles/ssl-certificates/
- http://www.charlesproxy.com/documentation/faqs/ssl-connections-from-within-iphone-applications/
Overview
Operations
Obtain/Set Proxy Port
Go to Proxy -> Proxy Settings -> HTTP Proxy -> Port.
Configure SSL Proxying
Proxy -> SSL Proxy Settings -> SSL Proxying
and then list the target location you want to proxy for.
Examples:
- localhost.apple.com:443
- kibana.apps.openshift.novaordis.io:443
Capture localhost Requests
Some systems are hard coded to not use proxies for localhost traffic, so when you connect to http://localhost/ the corresponding traffic does not show up in Charles.
There are several solutions to this problem:
- Connect to http://localhost.charlesproxy.com/ instead. This points to the IP address 127.0.0.1, so it should work identically to localhost, but with the advantage that it will go through Charles. This will work whether or not Charles is running or you're using Charles. If you use a different port, such as 8080, just add that as you usually would, e.g. localhost.charlesproxy.com:8080. You can also put anything in front of that domain, e.g. myapp.localhost.charlesproxy.com, which will also always resolve to 127.0.0.1.
- Try adding a '.' after localhost
- Replace localhost with the name of your machine, or use your local link IP address (eg. 192.168.1.2). http://nombp3.local:8080/ works.
- If Charles is running and you're using Charles as your proxy, you can also use local.charles as an alternative for localhost. Note that this only works when you're using Charles as your proxy, so the above approaches are preferred, unless you specifically want requests to fail if not using Charles.
Export the Root Certificate
Exporting the root certificate is necessary when we proxy a Java application that sends HTTPS requests and we need Charles to be able to look inside those requests. All Java applications that use HttpClient will work based on this procedure.
To export: Help -> SSL Proxying -> Save Charles Root Certificate
Use the default format "Base 64 encoded certificate (.crt)".
The certificate thus saved can be used without any modification as part of the following procedure:
Install Charles Root Certificate
Install the Root Certificate on Mac
Help -> SSL Proxying -> Install Charles Root Certificate.
This will install the self-signed root certificate in Keychain Access.
You will then need to navigate to it, select Trust then "When using this certificate Always Trust"
Install the Root Certificate in Chrome
1. Export the root certificate in ~tmp.
2. Go to Preferences -> Advanced -> Manage Certificates.
3. Go to the Trusted Root Certification Authorities tab. If on Mac, you will be sent to Mac Keychain Access. If Charles was previously used to "Install Charles Root Certificate", the root certificate should already be available there and there should be nothing else to do.
Recording Settings
Include/Exclude
Using curl with Charles
Obtain the local proxy port, as shown above in Obtain/Set Proxy Port. It is usually 8888. Then:
curl -x http://localhost:8888 ...