Tutorial: Testing SSL using Charles Proxy on an iOS Device
Charles can be used as a man-in-the-middle HTTPS proxy, enabling you to view in plain text the communication between your iOS app and the SSL web server.
Charles does this by becoming a man-in-the-middle. Instead of your browser seeing the server’s certificate, Charles dynamically generates a certificate for the server and signs it with its own root certificate (the Charles CA Certificate). Charles receives the server’s certificate, while your browser receives Charles’s certificate.
Share WiFi & Setup Charles for SSL
Follow the steps below to setup Charles to enable SSL testing using Charles 3.10.x.
- Share your ethernet internet connection via WiFi, Settings > Sharing
You can see that you are sharing your internet connection if your WiFi has an up arrow within it.
- Download Charles: http://www.charlesproxy.com/download/ (free trial)
- Open Charles
- Go to Proxy > SSL Proxy Settings…
- Check “Enable SSL Proxying”
- Select “Add” and enter the host name and port (if needed)
- Click ok and make sure the option is checked
- Download the Charles cert, go to Help > SSL Proxying > Install Charles Root Certificate on a Mobile Device or Remote Browser
The following popup will appear to let you know what proxy url to setup in the next step:
- Configure your device to use Charles as its HTTP proxy, WiFi > Select your network > tap the i for the details
- Modify the HTTP proxy to point to the IP address of the proxy as shown above.
- Open Safari on your iOS device and go to http://charlesproxy.com/getssl to install the Charles Certificate.
- Install the Certificate on your device when prompted
If you need to access the certificate later you can find it here, Settings > General > Profiles & Device Management
Testing SSL in your App
Now that Charles is setup and the connection between your app and your computer is working you can start to test the SSL calls within your app.
- Open Charles and click the Trash can to clear the current session
- Click on the URL of the host service you would like to see details on
- Click “Sequence” to see the details and scroll down until you see the URL of the host you wish to see the response details for.
- Double click on the line for the popup to appear so you can copy any values you need.
Tools: Optimizing your Images
You have finished all the code for your app, integrated the design, tagged everything for analytics, now you’re ready to release to the App Store right? Wrong. One of the last steps before finally releasing your new app is to optimize your images. This is important for two reasons. The first, it will slightly help the performance of your app. Since your views will be a little smaller they’ll load a little faster. You will especially notice this if you are supporting older devices (i.e. iPad 1st Gen and iPhone 4). Also if you have many assets on a view it should respond a little better. The second reason to optimize your images is the crucial 50 MB limit Apple sets for downloads over cellular networks. If your app is over 50 MB users will not be able to download your app unless they are on a Wi-Fi network. This is a barrier that you can’t afford, anything stopping a user from downloading your app may cost you that download if they forget about your app or move onto the one next to it that’s similar in the store.
The tool that I use is ImageOptim, it’s a really easy tool to use and it’s FREE! ImageOptim optimizes images — so they take up less disk space and load faster — by finding best compression parameters and by removing unnecessary comments and color profiles. It handles PNG, JPEG and GIF animations. Most importantly it does so without affecting the image quality.
The interface to ImageOptium is very minimal and simple. Drag images onto its window or dock icon, or click on the plus (+) button to select images from a standard open dialog box. The app immediately starts optimizing the images, using one or more of a slew of command-line image optimization tools: PNGOUT, AdvPNG, Pngcrush, extended OptiPNG, JpegOptim, jpegrescan, jpegtran, and Gifsicle. Beside each file name you’ll see the file size (in bytes), and the percentage by which the file size was shrunk from the original and at the bottom it will tell you the total amount of savings for all the images you optimize at once.
Another great tool for optimizing images is ShrinkIt. The difference between ImageOptim and ShrinkIt is ShrinkIt allows you to optimize PDFs. If you have a magazine app or a PDF reader it will be quicker for users to download your PDFs if they are smaller.
ShrinkIt is a simple, small tool (for Mac OS X Snow Leopard) that will automate the process of stripping needless metadata from PDFs by re-saving them using Apple’s PDF processor. This is 100% lossless – it’s not compressing anything, just removing unneeded data. Simply drop a bunch of files onto it to have it do its magic. The original files will be renamed with the prefix “_org_” for safety, but you’ll probably just want to delete them.
Both of the apps above are great for reducing the size of your images and PDFs without losing any quality, so why wouldn’t you optimize?
Tools: Git and GitBox
When I first started making apps I didn’t care about version control software. I did have my own backup method that consisted of me copying my current code to another directory then add a version number to the end with a short description. This would ensure that I could go back to a previous version of working code if I messed up the current feature I was working on. When my apps started getting bigger and more complex I started to understand the value of true version control software.
Welcome to Git
Git is free software that allows you to take a snapshot of your codebase at anytime. Once you add Git to the directory of your project, then all of your files (including code, images, scripts and even the project settings) are saved and every change or keystroke is recorded, allowing you to revert back anytime. If you accidentally delete a file you can bring it back with Git. If you want to go back in time and review a method that you deleted or changed you can do that. Git is most important when you are working in teams. It allows multiple people to work on the same codebase and check-in a different times, usually automatically merging the code together.
The easiest way to get started on a Mac is to download the install here (again it’s FREE).
To learn all about Git and it’s commands, read the Git Book. It’s a great book on learning the basics and best of all it’s FREE as well. Once you have Git installed, follow the instructions here to create your first repository: Git Basics – Getting a Git Repository
Git can be run locally on your computer, you don’t need to have a hosted environment for it to work. Yet the advantage of having your code hosted allows you to work on it in different locations. Also since it’s hosted remotely it’s safe from your computer hard drive crashing and losing all your code that you worked on for all those hours. The most popular hosted environment is called GitHub. If you work for a company, more often than not they will have an account where all of the code for their apps is kept. GitHub is not free and requires you to pay for the number of code repositories you have. If you are an independent developer you will probably want to use BitBucket, it’s completely FREE and you can setup as many repositories as you need. I’ve been using it for all of my independent apps and it is fantastic!
When I first started using Git I only used the command line as described in the Git Book above. There are a couple good applications that allow you to manage your Git repository using a GUI. You can even use Git within XCode since it has it’s own Source Control built in (File > Source Control). This works fairly well until you start using sub-projects. The tool that I use is called GitBox. It’s a very simple app that organizes your Git repositories, see all your changes and easily commit files and push to a remote hosted environment.
For more information on GitBox checkout their website. It costs $14.99, but it’s worth every penny to ensure your code is managed correctly and keeps you out of the Terminal.