how to set up node-http-mitm-proxy (certificate) with Android phone

Question

My goal is to route and record the traffic from an Android phone (Chrome or my own app) over a proxy. I would like to use this one: https://github.com/joeferner/node-http-mitm-proxy

After configuring my phone's wifi settings (IP and port of desktop machine), and trying to load a page in the mobile chrome, I am now facing a "Your connection is not private" dialog. On the desktop my proxy displays following:

HTTPS_CLIENT_ERROR on : [Error: 8190125312:error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown:../deps/openssl/openssl/ssl/record/rec_layer_s3.c:1544:SSL alert number 46
] {
  library: 'SSL routines',
  function: 'ssl3_read_bytes',
  reason: 'sslv3 alert certificate unknown',
  code: 'ERR_SSL_SSLV3_ALERT_CERTIFICATE_UNKNOWN'
}
HTTPS_CLIENT_ERROR on : [Error: 8190125312:error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown:../deps/openssl/openssl/ssl/record/rec_layer_s3.c:1544:SSL alert number 46
] {
  library: 'SSL routines',
  function: 'ssl3_read_bytes',
  reason: 'sslv3 alert certificate unknown',
  code: 'ERR_SSL_SSLV3_ALERT_CERTIFICATE_UNKNOWN'
}
HTTPS_CLIENT_ERROR on : [Error: 8190125312:error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown:../deps/openssl/openssl/ssl/record/rec_layer_s3.c:1544:SSL alert number 46
] {
  library: 'SSL routines',
  function: 'ssl3_read_bytes',
  reason: 'sslv3 alert certificate unknown',
  code: 'ERR_SSL_SSLV3_ALERT_CERTIFICATE_UNKNOWN'
}
HTTPS_CLIENT_ERROR on : [Error: 8190125312:error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown:../deps/openssl/openssl/ssl/record/rec_layer_s3.c:1544:SSL alert number 46
] {
  library: 'SSL routines',
  function: 'ssl3_read_bytes',
  reason: 'sslv3 alert certificate unknown',
  code: 'ERR_SSL_SSLV3_ALERT_CERTIFICATE_UNKNOWN'
}
HTTPS_CLIENT_ERROR on : [Error: 8190125312:error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown:../deps/openssl/openssl/ssl/record/rec_layer_s3.c:1544:SSL alert number 46
] {
  library: 'SSL routines',
  function: 'ssl3_read_bytes',
  reason: 'sslv3 alert certificate unknown',
  code: 'ERR_SSL_SSLV3_ALERT_CERTIFICATE_UNKNOWN'
}

I guess this is somehow related to certificates, but can someone point me into the right direction of how to solve this issue?

This is how it's done for Charles Proxy: https://stackoverflow.com/a/39227880/457059 I am just clueless about which certificate to install on the Android side in case of using node-http-mitm-proxy

Did you try with more web pages? It is mandatory the nodejs proxy? Http pages are working? Some years ago I was able to do that with some shell app as proxy and an android app to set the proxy in the whole android system. I used that to check what urls are being loaded in the background by strange apk. — JRichardsz, Dec 29 '22 at 01:25

score 0 · Accepted Answer · answered Dec 29 '22 at 12:01

node-http-mitm-proxy creates the certificates itself. You just need to install the ca.pem certificate on the target device - that's it.

To do that, just copy (adb push) the .http-mitm-proxy/certs/ca.pem to your target device. To install it, you best follow this guide: https://docs.familyzone.com/help/how-to-install-certificate-authority-android

how to set up node-http-mitm-proxy (certificate) with Android phone

1 Answers1