question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Feature Suggestion: Installing proxy certificate on Android emulators

See original GitHub issue

The problem

** Feature suggestion/request ** This would be the counterpart of https://github.com/appium/appium-xcuitest-driver/blob/master/lib/commands/certificate.js for android to provide the ability to install proxy certificates on android emulators.

Details

Here’s how to install proxy certificates with adb and ruby.

`emulator -avd <avd-name> -http-proxy <proxy-address>:<proxy-port> -writable-system &` # '-writable-system' gives root access
# make sure proxy server is running on specified port before starting emulator if you want to set proxy server for emulator
cert_file = '~/.mitmproxy/mitmproxy-ca-cert.cer' # i used mitm, though any valid .cer file should work.
filename  =`openssl x509 -in #{cert_file} -hash -noout`.chomp # creating filename for .0 file
`sh "openssl x509 -in #{cert_file} > #{filename}.0"`# dumping content of the .cer file, .0 is the binary file which stores the system certificates
`sh "openssl x509 -in #{cert_file} -text -fingerprint -noout >> #{filename}.0"`
`sh 'adb root'`
`sh 'adb remount'`
`sh "adb push #{filename}.0 /system/etc/security/cacerts"`
`sh 'adb remount'`
`sh "rm #{filename}.0"`

After doing these steps if emulator are not reset to original config, the system certificate file will persist. No more annoying SSL errors as long as the certificate signatue does not changes.

I used MITM proxy hence providing proxy server and port was required.

Pro-

  1. No need to set a password for installing a certificate.
  2. The whole process hardly takes 10 seconds, including device boot.
  3. Once the process is done -writable-system can be removed, simply reboot without the flag.
  4. This could also work with real rooted device if anyone utilizes rooted device in there automation infra.

Cons-

  1. We are making changes to Android system, very minimal though at lease for emulators.

Why not a PR?

I don’t have enough knowledge/experiance with node.js and Appium codebase. So my pull request will be stuck forever into review or possibly rejected. I’m raising it here so someone can pick this up and implement it as soon they can.

Environment

  • Appium version (or git revision) that exhibits the issue: NA
  • Last Appium version that did not exhibit the issue (if applicable): NA
  • Desktop OS/version used to run Appium: NA
  • Node.js version (unless using Appium.app|exe): NA
  • Mobile platform/version under test: Android
  • Real device or emulator/simulator: emulator( if the real device is rooted it should work, never tested though)
  • Appium CLI or Appium.app|exe: NA

cc: @mykola-mokhnach

Issue Analytics

  • State:closed
  • Created 5 years ago
  • Reactions:3
  • Comments:44

github_iconTop GitHub Comments

1reaction
mykola-mokhnachcommented, Jul 22, 2018

-writable-system argument is also redundant

1reaction
pr4bh4shcommented, Jun 29, 2018

About checking the current proxy value set by-http-proxy, I havn’t done that as I never needed it. I think it might be possible, I’ll try to find out if there is anyway to do it.

I’ll test appium/appium-android-driver#386 this weekend and update here.

Read more comments on GitHub >

github_iconTop Results From Across the Web

Android Device & Emulator - Proxyman Documentation
1. Install Root Proxyman Certificate on your machine: You can follow the macOS Guide. · 2. Get your Android Device or Emulator ->...
Read more >
System CA on Android Emulator - mitmproxy docs
# Install System CA Certificate on Android Emulator · 1. Prerequisites · 2. Rename certificate · 3. Insert certificate into system certificate store....
Read more >
Configuring Burp Suite with Android Emulators
Once you transfer the certificate, go to Settings > Security > Encryption & Credentials . Then click on the "Install certificates from SD...
Read more >
A Guide To Charles Proxy for Mobile Development - Detroit Labs
In Charles menu, go to: Help -> SSL Proxying, and select Install Charles Root Certificate on a Mobile Device or Remote Browser. Screen...
Read more >
Security with network protocols - Android Developers
Client apps need a mechanism to verify the server because the CA offers certificates for numerous servers. The CA's certificate identifies the ...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found