Buy commercial curl support from WolfSSL. We help you work
out your issues, debug your libcurl applications, use the API, port to new
platforms, add new features and more. With a team lead by the curl founder
himself.
Re: Help using libcurl with HTTP proxy on Android device
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: David Castillo via curl-library <curl-library_at_lists.haxx.se>
Date: Tue, 11 Apr 2023 14:09:22 -0700
> But did you install it as a new root certificate or as a client
certificate on the android device?
As far as I understand, I installed it as a new root certificate, but I'm
not sure. I went to "Settings -> Passwords & security -> Privacy ->
Encryption and Credentials -> Install a certificate -> CA certificate".
Then if I go to "Trusted Credentials" on the device, I can see the Charles
certificate in the "User" tab
> Can you access other https locations? If so then the other root ca:s
works on the device for some reason
Yeah, I can access HTTPS locations without the proxy. I think the system
certificates that are in the "/system/etc/security/cacerts" directory don't
have any problem because those are PEM format (I checked that by grabbing
one of those certificates and doing "openssl x509 -in <certificate> -inform
PEM -text -noout" on my computer).
The problem seems to be that when Android installs the new certificate, it
converts it to DER format for some reason, which libcurl can't handle. I
want to know if there's a way to handle this using libcurl. Maybe there's a
way to convert the certificate before libcurl tries to verify it?
Date: Tue, 11 Apr 2023 14:09:22 -0700
> But did you install it as a new root certificate or as a client
certificate on the android device?
As far as I understand, I installed it as a new root certificate, but I'm
not sure. I went to "Settings -> Passwords & security -> Privacy ->
Encryption and Credentials -> Install a certificate -> CA certificate".
Then if I go to "Trusted Credentials" on the device, I can see the Charles
certificate in the "User" tab
> Can you access other https locations? If so then the other root ca:s
works on the device for some reason
Yeah, I can access HTTPS locations without the proxy. I think the system
certificates that are in the "/system/etc/security/cacerts" directory don't
have any problem because those are PEM format (I checked that by grabbing
one of those certificates and doing "openssl x509 -in <certificate> -inform
PEM -text -noout" on my computer).
The problem seems to be that when Android installs the new certificate, it
converts it to DER format for some reason, which libcurl can't handle. I
want to know if there's a way to handle this using libcurl. Maybe there's a
way to convert the certificate before libcurl tries to verify it?
-- Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library Etiquette: https://curl.se/mail/etiquette.htmlReceived on 2023-04-11