3

I have used Charles for a while. I couldn't get it working for the longest time, then I somehow managed to get it working again. Great!

This is for testing iOS apps on iPhone. This is not an emulator, nor is it a website in a browser.

Then I updated my iPhone to iOS 15.1. I wiped my phone and reinstalled everything. Now Charles will not read network traces. Everything that is in my SSL Proxying Includes takes a trace, has a little blue ball next to it, but the trace itself shows as <unknown> with an Error of Input Error: EOF

What I've tried:

  • Adding urls to the "Include" section of "SSL Proxying" and wrapping those includes with a wildcard *
  • Resetting SSL Certificate
  • I have deleted all Certificates and Reinstalled
  • Deleted Charles and Reinstalled
  • I have enabled all certificates once installed by going to Settings > General > About > Certificate Trust Settings and enabled full trust for all root certificates
  • Downloaded Charles desktop application, configured WiFi proxy settings on my iPhone to manual proxy with the IP Address of my computer (on Mac: open Network Settings) and the Port: 8888 (on Charles desktop app: Proxy > Proxy Settings > HTTP Proxy). Then on iPhone go to http://www.charlesproxy.com/getssl in Safari to install certificate (and enable all certificates once installed as I've done above)

I've worked with Charles for a while, and I'm at a loss. I've read other posts in StackOverflow and read the Charles documentation so many times I feel like I know it inside and out. Any other ideas?

petestmart
  • 500
  • 11
  • 27
  • 1
    I have the same problem in iOS 15.1. I assume it is a bug introduced with 15.1 and have resorted to doing Charles testing on devices running prior iOS versions. – Rob Nov 10 '21 at 05:54
  • 1
    I guess it might get be worthwhile to (a) try [WireShark](https://wireshark.org); (b) open a ticket on Apple’s [Feedback Assistant](https://feedbackassistant.apple.com/); and (c) report it to [Charles Proxy](https://charlesproxy.com). With the new private relay stuff, I think that Apple has been doing some low-level network layer changes (even with private relay turned off), and I think it’s broken Charles. – Rob Nov 10 '21 at 06:11
  • @Rob I've tested iOS 15.1 with Charles Proxy and it doesn't work too. Have to follow Petestmart's answer to make it works – Nghia Tran Nov 11 '21 at 08:14
  • Also, I confirm that iOS 15.1 doesn't change any TLS/SSL security requirements. It works fine with Proxyman, which is the app I develop for. To make it works, just follow this iOS Proxyman Documentation at https://docs.proxyman.io/debug-devices/ios-device – Nghia Tran Nov 11 '21 at 08:16

4 Answers4

4

One other thing to check - make sure any VPNs you might have on your iOS device are disconnected. Bear in mind, Apple has also added the "Private Relay" feature in iOS 15 - so make sure that isn't enabled in your iCloud settings too.

This has confused me in the past, where I've forgotten to disable an active VPN connection.

Josh Butler
  • 776
  • 6
  • 5
2

I know the Original Poster has stated that "Resetting SSL Certificate" did not work for him. I just want to put out in case it's useful for anyone stumbling across this thread: On my iPhone running iOS 15.3.1, Charles Proxying was failing to show me the requests and responses for all locations for which I had enabled SSL Proxying. What fixed it for me was the following:

  1. In the iPhone device, disable and remove the Charles certificate.
  2. In Charles, hit the "Reset Charles Root Certificate..." option (available via the "Help" -> "SSL Proxying" menu).
  3. In the iPhone device, download the Charles certificate afresh, install it and enable it.

I am assuming in all of the steps above that you have configured your iPhone to use Charles as its HTTP Proxy.

Adil Hussain
  • 30,049
  • 21
  • 112
  • 147
0

I was able to resolve this by adding more subdomains (and duplicate domains wrapped in wildcards * *) to my included SSL Proxies.

Examples

chat.example.com*

*.example.com*

*chat.example.com*

It's helpful to keep a record of the domains in your SSL Proxy includes because every time you reset your certificate the includes are also reset. I took a screenshot and keep them in a folder now.

petestmart
  • 500
  • 11
  • 27
0

iPhone with Charles Proxy on Mac

[Signature, Certificate]

Mac and iPhone should use same wifi network

Mac

  • Proxy -> macOS Proxy
  • Help -> Local IP Addresses or Help -> SSL Proxying -> Install Charles Root Certificate on a Mobile Device or Remote Browser

iPhone

  • Settings -> Wi-Fi -> info -> Configure Proxy -> Manual -> Server -> Port -> 8888(usually) -> Save
  • Safari -> chls.pro/ssl
  • Settings -> General -> VPN & Device Management ->
  • Settings -> About -> Certificate Trust Settings ->

Notes:

  • Switch off any VPN connections beforehand
  • CA certificate can have some issues(e.g. expired) it will be red at VPN & Device Management to fix it regenerate a new one Help -> SSL Proxying -> Reset Charles Root Certificate and use this one
  • [Charles proxy and Tunnel Bear]
yoAlex5
  • 29,217
  • 8
  • 193
  • 205