如何将CA证书添加到Android手机的系统信任存储中?

huangapple go评论137阅读模式
英文:

How to add CA certificate to system trust store in android mobile?

问题

我想使用LoadRunner测试移动应用程序的性能(服务器端)。我可以通过将LoadRunner代理证书推送到用户存储中来捕获Web应用程序的网络流量,但无法记录原生或混合应用程序的流量,因为应用程序显示错误消息:“无网络连接”。我了解到,为了运行,证书必须存在于系统存储中。有没有办法将证书推送到系统信任存储中?

英文:

I want to test the performance(server-side) of the mobile application using LoadRunner. I'm able to capture network traffic for the web apps by pushing the LoadRunner proxy certificate to the user store and not able to record traffic for the native or hybrid apps since apps are showing error - "No internet connection". Got to know that in order to run the certificate should be present in system store. Is there any way to push certificate to the system trust store?

答案1

得分: 0

你需要拥有一个已root的手机,才能够将自签名的MITM证书添加到操作系统中。

或者,你可以修改你的应用程序的网络安全配置,以信任用户安装的证书。

  1. 在你的应用程序清单应用程序部分中添加以下行:

     android:networkSecurityConfig="@xml/network_security_config"
    
  2. 在你的应用程序资源文件夹中创建network_security_config.xml文件,并将以下代码放入其中:

     <?xml version="1.0" encoding="utf-8"?>
     <network-security-config>
         <debug-overrides>
             <trust-anchors>
                 <!-- Trust user added CAs while debuggable only -->
                 <certificates src="user"/>
             </trust-anchors>
         </debug-overrides>
     </network-security-config>
    
  3. 调试模式构建你的应用程序。

  4. 用你刚刚构建的应用程序替换原始的.apk文件。

更多信息:为代理录制配置Android设备

英文:

You need to have a rooted phone in order to be able to add a self-signed MITM certificate to the operating system.

Alternatively you can amend your application network security configuration in order to trust user-installed certificates.

  1. add the next line to the application section of your application manifest

    android:networkSecurityConfig=&quot;@xml/network_security_config&quot;
    
  2. create network_security_config.xml file in your application resources folder and put the following code there

    &lt;?xml version=&quot;1.0&quot; encoding=&quot;utf-8&quot;?&gt;
    &lt;network-security-config&gt;
        &lt;debug-overrides&gt;
            &lt;trust-anchors&gt;
                &lt;!-- Trust user added CAs while debuggable only --&gt;
                &lt;certificates src=&quot;user&quot;/&gt;
            &lt;/trust-anchors&gt;
        &lt;/debug-overrides&gt;
    &lt;/network-security-config&gt;
    
  3. build your app in debug mode

  4. replace original .apk with the one you've just built on the device

More information: Configure Android Devices for Proxy Recording

huangapple
  • 本文由 发表于 2023年8月9日 14:31:55
  • 转载请务必保留本文链接:https://go.coder-hub.com/76865131.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定