shroudedcode / apk-mitm

🤖 A CLI application that automatically prepares Android APK files for HTTPS inspection
https://npm.im/apk-mitm
MIT License
3.6k stars 337 forks

Does not work with Peacock #124

Open besweeet opened 1 year ago

besweeet commented 1 year ago

Google Play link: https://play.google.com/store/apps/details?id=com.peacocktv.peacockandroid

My goal is to use Fiddler's HTTPS proxy to monitor traffic from my Android phone.

Technically, apk-mitm patched the APK (via APKPure) successfully, but Fiddler still says "The server requests a client certificate" so either the app is good at detecting cert changes or the patching process didn't actually work.

yoshimo commented 1 year ago

Client Certificate is another step in the authentication process. You need the cert instead of a username & password. It is not the same as the server certificate that you need to add trust for.

besweeet commented 1 year ago

> Client Certificate is another step in the authentication process. You need the cert instead of a username & password. It is not the same as the server certificate that you need to add trust for.

Is a rooted device required to export the client cert to then import into Fiddler? If so, that's where this journey ends for me.

yoshimo commented 1 year ago

Could also be a static one, embedded somewhere in the apk. One has to dig through the file and find what they do.
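
The last comment raises the possibility of a static client certificate shipped inside the APK. The sketch below is an added example, not part of the thread or of apk-mitm: it shows how a developer or reviewer auditing an APK could list entries that look like bundled key stores or PEM private keys. The function names, the extension list and the sample archive are assumptions constructed for illustration.

```python
import io
import zipfile

# Assumed heuristics: common key store extensions and PEM private key headers.
KEYSTORE_EXTS = (".p12", ".pfx", ".bks", ".jks", ".keystore")
PEM_KEY_MARKERS = (
    b"-----BEGIN PRIVATE KEY-----",
    b"-----BEGIN RSA PRIVATE KEY-----",
    b"-----BEGIN EC PRIVATE KEY-----",
    b"-----BEGIN ENCRYPTED PRIVATE KEY-----",
)
MAX_SCAN_BYTES = 8 * 1024 * 1024  # skip content scan of very large entries


def find_client_cert_candidates(apk):
    """Return sorted (entry, reason) pairs for entries that may hold client key material.

    `apk` is a path or a binary file object; an APK is an ordinary ZIP archive.
    """
    hits = []
    with zipfile.ZipFile(apk) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            if info.filename.lower().endswith(KEYSTORE_EXTS):
                hits.append((info.filename, "keystore file extension"))
            elif info.file_size <= MAX_SCAN_BYTES:
                data = zf.read(info)
                if any(marker in data for marker in PEM_KEY_MARKERS):
                    hits.append((info.filename, "PEM private key block"))
    return sorted(hits)


def build_sample_apk():
    """Build a constructed, in-memory stand-in for an APK (placeholder contents only)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("classes.dex", b"dex\n035\x00" + b"\x00" * 64)
        zf.writestr("META-INF/CERT.RSA", b"constructed signing cert placeholder")
        zf.writestr("assets/client.p12", b"constructed PKCS#12 placeholder")
        zf.writestr("res/raw/api_key.pem",
                    b"-----BEGIN PRIVATE KEY-----\nCONSTRUCTED\n-----END PRIVATE KEY-----\n")
    buf.seek(0)
    return buf


if __name__ == "__main__":
    for name, reason in find_client_cert_candidates(build_sample_apk()):
        print(f"{name}: {reason}")
```

An empty result does not rule out a client certificate: the key may be held in the Android Keystore, provisioned at runtime, or stored under a name and encoding these heuristics do not match.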