如何将CA证书添加到Android手机的系统信任存储?

huangapple go评论240阅读模式
英文:

How to add CA certificate to system trust store in android mobile?

问题

我想测试使用LoadRunner测试移动应用程序的性能(服务器端)。我能够通过将LoadRunner代理证书推送到用户存储中来捕获Web应用程序的网络流量,但无法记录原生或混合应用程序的流量,因为应用程序显示错误消息 - "无互联网连接"。我了解到为了运行,证书应该存在于系统存储中。是否有任何方法可以将证书推送到系统信任存储中?

英文:

I want to test the performance(server-side) of the mobile application using LoadRunner. I'm able to capture network traffic for the web apps by pushing the LoadRunner proxy certificate to the user store and not able to record traffic for the native or hybrid apps since apps are showing error - "No internet connection". Got to know that in order to run the certificate should be present in system store. Is there any way to push certificate to the system trust store?

答案1

得分: 0

为了能够向操作系统添加自签名的MITM证书,您需要拥有一台已root的手机

或者,您可以修改您的应用程序的网络安全配置,以信任用户安装的证书。

  1. 在您的应用程序清单应用程序部分添加以下行:
android:networkSecurityConfig="@xml/network_security_config"
  1. 在您的应用程序资源文件夹中创建network_security_config.xml文件,并将以下代码放入其中:
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
    <debug-overrides>
        <trust-anchors>
            <!-- 仅在可调试模式下信任用户添加的CA -->
            <certificates src="user"/>
        </trust-anchors>
    </debug-overrides>
</network-security-config>
  1. 调试模式下构建您的应用程序。
  2. 用您刚刚在设备上构建的那个替换原始的.apk文件。

更多信息:配置Android设备以进行代理录制

英文:

You need to have a rooted phone in order to be able to add a self-signed MITM certificate to the operating system.

Alternatively you can amend your application network security configuration in order to trust user-installed certificates.

  1. add the next line to the application section of your application manifest

    android:networkSecurityConfig=&quot;@xml/network_security_config&quot;
    
  2. create network_security_config.xml file in your application resources folder and put the following code there

    &lt;?xml version=&quot;1.0&quot; encoding=&quot;utf-8&quot;?&gt;
    &lt;network-security-config&gt;
        &lt;debug-overrides&gt;
            &lt;trust-anchors&gt;
                &lt;!-- Trust user added CAs while debuggable only --&gt;
                &lt;certificates src=&quot;user&quot;/&gt;
            &lt;/trust-anchors&gt;
        &lt;/debug-overrides&gt;
    &lt;/network-security-config&gt;
    
  3. build your app in debug mode

  4. replace original .apk with the one you've just built on the device

More information: Configure Android Devices for Proxy Recording

huangapple
  • 本文由 发表于 2023年8月9日 14:31:55
  • 转载请务必保留本文链接:https://go.coder-hub.com/76865131-2.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定