Charles can be used as a man-in-the-middle HTTPS proxy, enabling you to view in plain text the communication between your iOS app and the SSL web server.
Charles does this by becoming a man-in-the-middle. Instead of your browser seeing the server’s certificate, Charles dynamically generates a certificate for the server and signs it with its own root certificate (the Charles CA Certificate). Charles receives the server’s certificate, while your browser receives Charles’s certificate.
Share WiFi & Setup Charles for SSL
Follow the steps below to setup Charles to enable SSL testing using Charles 3.10.x.
- Share your ethernet internet connection via WiFi, Settings > Sharing
You can see that you are sharing your internet connection if your WiFi has an up arrow within it.
- Download Charles: http://www.charlesproxy.com/download/ (free trial)
- Open Charles
- Go to Proxy > SSL Proxy Settings…
- Check “Enable SSL Proxying”
- Select “Add” and enter the host name and port (if needed)
- Click ok and make sure the option is checked
- Download the Charles cert, go to Help > SSL Proxying > Install Charles Root Certificate on a Mobile Device or Remote Browser
- Configure your device to use Charles as its HTTP proxy, WiFi > Select your network > tap the i for the details
- Modify the HTTP proxy to point to the IP address of the proxy as shown above.
- Open Safari on your iOS device and go to http://charlesproxy.com/getssl to install the Charles Certificate.
- Install the Certificate on your device when prompted
If you need to access the certificate later you can find it here, Settings > General > Profiles & Device Management
Testing SSL in your App
Now that Charles is setup and the connection between your app and your computer is working you can start to test the SSL calls within your app.
- Open Charles and click the Trash can to clear the current session
- Click on the URL of the host service you would like to see details on
- Click “Sequence” to see the details and scroll down until you see the URL of the host you wish to see the response details for.
- Double click on the line for the popup to appear so you can copy any values you need.