This tutorial will show you how to configure Charles and your device so you can view your app’s network traffic in plain text.
NOTE: Since Android Nougat (7.1), Google have blocked you from intercepting/decrypting network traffic from Play Store apps.
NOTE: To proceed with this tutorial, you will need to be able to build your own Android app. Make sure the “Network Security Config File” has been added to your app’s repo (see more details here and here).
Have access to build your own Android app
Make sure you have setup the Charles Root certificate on your Mac
Check Wi-fi networks
Make sure your Mac and Android device are on the same Wi-Fi network
Find your Mac’s local IP address
Open Charles -> Help -> Local IP address.
Make note of the IP address as you will need to enter it into your device later
Navigate to device’s Wi-Fi proxy screen
Settings -> Wi-fi -> long press the connected Wi-Fi network to bring up the menu -> Modify -> Advanced options -> select “Manual” from the proxy drop down
NOTE: there are slight navigation differences between OS versions in how to get to your Wifi proxy settings but they should be fairly similar to these screenshots
Configure device’s proxy settings
This step will proxy all your device’s internet traffic through your laptop
- Proxy hostname: this is your Mac’s local IP address
- Proxy Port: 8888
Accept incoming network traffic from your device
On your device, open Chrome and go to a website
Return to your Mac. You should now see this prompt from Charles. Click “Allow”
Encrypted traffic from the device should now appear in Charles
Download Root certificate for device
Return to the device, open Chrome and go to chls.pro/ssl.
Install Root certificate
Navigate to the Downloads folder on your device and find the Root certificate. Tap to install
Android will now prompt you to enter pin, password or fingerprint before installing the Root certificate
Enable SSL proxying to view traffic in plain text
Return to Charles, right click the network request you are interested in and click the “Enable SSL Proxying” option
FYI, I am using an Android app a friend created to demonstrate decrypting Android app traffic
NOTE: As mentioned at the start of the article, you need the ability to build your own Android app to view decrypted traffic. This step will not work with an app downloaded from the Play Store
Kill and Reopen app
Kill and reopen the app. You should now see the network request details in plain text
Still having problems?
See common Android problems for more help