hbjhb

Introduction Android maintains a list of trusted certificates any deviance in the certificate would result in a error in connection. Below screenshot shows how the browser gives a popup when we set the Android device to forward the traffic to Burp Proxy instead of the actual server. Once, the user clicks on “Continue”, the user can continue to use the application as per his requirement. However, in case of native applications there is no “popup” and the connection is directly rejected. Solution: Add the proxy certificate to android trusted store. How: Step 1: Download the latest copy of bouncycastle lib from http://www.bouncycastle.org/latest_releases.html into a folder called “lib”. During the making of this document, the latest version of the lib was v1.47. Step 2: Extract a copy of the current certificate file ie. “cacerts.bks” from the android device using: adb pull /system/etc/security/cacerts.bks Step 3: Download a copy of the Charles Proxy certificate from the Charles website ht...