macOS

How to install Certificate and decrypt HTTPS Request/response in macOS device. Support Automatic and Manual steps

PreviousBreakpoint for iOS Tutorial NextiOS Device

Last updated 2 months ago

macOS

How to install Certificate and decrypt HTTPS Request/response in macOS device. Support Automatic and Manual steps

Install & Trust Proxyman Certificates on your Mac

In order to intercept encrypted HTTPS messages (Request or Response), you have to install Proxyman CA Certificate on your current machine. This step is mandatory for iOS, Android devices, iOS simulators, Java VMs, and Firefox too.

The Proxyman Certificate is a self-signed certificate that is generated on your machine. Proxyman never stores or transmits any personal data to Proxyman's server or 3rd-party.

Please check out the Privacy Statement to understand what Proxyman obtains or not.

If you'd like to manually generate a Certificate on your machine, then add it to Proxyman. Please check out the Custom Certificate Doc

Proxyman's certificate is stored locally at ~/Library/Application\ Support/com.proxyman.NSProxy/app-data/

1. Automatic mode (recommended)

Proxyman could automatically install & trust the Certificate in Keychain by following the below steps:

Open the Certificate menu
Install a Certificate on this Mac...
On the Automatic Mode -> Enter your Mac's password (Root Privileges)
Verify the status: ✅ Installed & Trusted in the button (If not, try to use the Manual Tab, or contact us for further support)
Done

Automation mode requires Root Privileges to perform the installation script. If you're not sure, please consider using Manual mode.

How does it work?

In automatic mode, Proxyman will automatically perform two steps:

Generate a local Proxyman Certificate at ~/Library/Application\ Support/com.proxyman.NSProxy/app-data/proxyman-ca.pem
Install & Trust the certificate to System Keychain Access. It requires Root Privileges to execute the following CLI:

sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain ~/Library/Application\ Support/com.proxyman.NSProxy/app-data/proxyman-ca.pem

2. Manual Mode (Advance)

Proxyman also offers more freedom for super-users who need to install the certificate on their behalf.

Open the Certificate menu
Install a Certificate on this Mac... -> Select the Manual Tab
Click on the Generate & Add button (Proxyman will locally generate the certificate and add it to Keychain, but not Trust it automatically, no Password required)
In some cases, System Keychains will ask to select what keychain should be installed -> Select System Keychain
Open the Keychain Access app on your Mac -> Search "Proxyman CA" -> Open -> Select "Always Trust" -> Quit Keychain and Save

If you've done it correctly, Proxyman will display " ✅ Installed and Trusted" status.

If you'd like to use your own custom Root Certificate, please check out the Custom Certificate Doc

Suppose you are not sure how to trust the certificate on the Keychain Access app. You can open the Terminal app and execute the command:

sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain ~/Library/Application\ Support/com.proxyman.NSProxy/app-data/proxyman-ca.pem

Make sure that you Delete the Proxyman Certificate in Keychain app if you're not using Proxyman anymore. If not, anyone who has the Proxyman Certificate can intercept your HTTP/HTTPS requests from your macOS machine.

3. Uninstall Proxyman Certificate

Open Certificate Menu
Reset all Certificates
Enter your Mac password and done