Open jeremyross opened 4 years ago
NghiaTranUIT
commented
4 years ago Hi, it might be a bug somewhere in the Core v1 of Proxyman since I haven't tested with any Java app. Can you share with me the app name? I would like to download and investigate the bug @jeremyross
jeremyross
commented
4 years ago @NghiaTranUIT It's an internal app and uses Apache Camel's http component. I can't share it, but if it would help, I could probably put together a very simple test case app. Let me know if that would help. Thanks.
NghiaTranUIT
commented
4 years ago Can you double-check whether or not the app is using SSL-Pinning that prevent MitM app intercepts the HTTPS contents?
If yes, please disable it. Generally, Proxyman should work well with all apps that use HTTP(s)-bases network (no SSL-Pinning)
NghiaTranUIT
commented
4 years ago Hi @jeremyross , I just released a new beta version of Proxyman, which is fully written with Apple Swift NIO. Please help me if this build works for you: https://github.com/ProxymanApp/Proxyman/issues/500#issuecomment-640187667
NghiaTranUIT
commented
4 years ago So, it turns out that debugging the JAVA app is far complicated than I thought. You can read the instruction on Charles Proxy: https://www.charlesproxy.com/documentation/using-charles/ssl-certificates/ (Java Applications section)
Basically, it's the same steps if you need to intercept the java app with Proxyman. You can export the Root Proxyman Certificate by going to Preference -> General -> Export Cert
timothybasanov
commented
3 years ago Turns out Charles has a script that installs its certificates into a default JDK: /Applications/Charles.app/Contents/Resources/add-to-java-cacerts.command. It is invoked from Help | SSL Proxying | Install into Java VM. Proxyman can do something similar, but with a better UI. :)
And while we're at it may make sense to add it to more places as some applications (particularly command line ones) do not use Keychain: /etc/ssl/cert.pem, /uts/local/lib/python*/site-packages/pip/_vendor/certifi/cacert.pem
NghiaTranUIT
commented
3 years ago Thanks for the hint @timothybasanov . I'm looking on this approach 👍
NghiaTranUIT
commented
3 years ago For anyone needs to install to Java app: https://github.com/ProxymanApp/Proxyman/issues/569#issuecomment-668668602
I'm going to write a script to do it automatically in 2.4.0 👍
Proxyman version? (Ex. Proxyman 1.4.3)
1.23.0
macOS Version? (Ex. mac 10.14)
10.14.6
Steps to reproduce
I'm attempting to debug a java application. By default, it appears that none of the application's traffic is visible in ProxyMan. I assume this is because Java applications don't use the OS networking facilities (but I'm not sure). So I tried forcing the application to use 127.0.0.1:9090 as a proxy. Now the problem is that when the application attempts to make an https call, it hangs indefinitely. Any idea why this is happening?