node.js, https, proxy, charles-proxy

HTTPS proxy like Charles


I want to implement a proxy server in node.js which is somewhat similar to Charles proxy - it should intercept HTTPS requests from my mobile app, decipher them, route some of them depending on body content to the original backend and mock others with some static files.

  1. How is this HTTPS stuff handled in Charles or other proxies?
  2. Will I need a self-signed root certificate on the mobile device?
  3. Are there any libraries which will help me?

Solution

    1. How this HTTPS stuff is handled in Charles or other proxies?

    Technically, Charles Proxy or Proxyman.io (the one I'm using now) would do the following steps:

    • Generate a root certificate, install it to the keychain and trust it. This step is done once.
    • Open the local server (at 8888 or 9090).
    • Override the HTTP proxy in the system settings to this port, so all traffic goes through the port. You could use the networksetup CLI to achieve this easily, or a Privileged Helper tool on macOS for high performance and security.
    • As soon as the first socket is captured: if it's an HTTP request, get the first line of the message. Ex:
    GET https://api.producthunt.com/v1/posts HTTP/1.1
    
    • Then open the forward socket to this URL.
    • If it's HTTPS, make sure to do the SSL handshake and then get the first line of the message.
    • Finally, just get the rest of the message and parse it into a proper message (HTTPCParser from NodeJS would be a potential candidate).
    • Send data forward and back between the client and the destination server.
    • Do manipulation actions if you need to, since you're the true MITM.
    2. Will I need self-signed root certificate on mobile device?

    Yes, you must install the Root Certificate in the first steps on your iOS device. For the Header/Response detail, check chls.pro/ssl or proxy.man/ssl from Charles or Proxyman, and see the content.

    You can do it on iOS Simulator by using ADVTrustStore.

    3. Are there any libraries which will help me?

    You can check these famous open source projects to see how it works:

    • mitmproxy
    • zapproxy
    • http toolkit

    Hope this can help you.
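
The "first line" step from the answer and the mock-or-forward decision from the question, as an added Node.js example that is not part of the original answer or of any of the tools named. It assumes HTTPS clients open the tunnel with a standard `CONNECT host:port` request; `parseProxyRequestLine`, `decideRoute` and the rule table shape are hypothetical names chosen for illustration.

```javascript
// Added example (not from the answer); names and rule shape are assumptions.
const DEFAULT_PORTS = { 'http:': 80, 'https:': 443 };

// Classify the first line a client sends to the proxy port.
// CONNECT host:port   -> HTTPS tunnel: do the TLS handshake with the client,
//                        then parse the inner request line the same way.
// METHOD absolute-URI -> forward directly (the form shown in the answer).
function parseProxyRequestLine(line) {
  const parts = line.trim().split(/\s+/);
  if (parts.length !== 3 || !/^HTTP\/1\.[01]$/.test(parts[2])) {
    throw new Error('malformed request line');
  }
  const [method, target, version] = parts;
  if (method === 'CONNECT') {
    // authority-form only; IPv6 literals must be bracketed
    const m = /^(\[[0-9a-fA-F:.]+\]|[^:\/\s]+):(\d{1,5})$/.exec(target);
    if (!m || +m[2] < 1 || +m[2] > 65535) throw new Error('bad CONNECT target');
    return { mode: 'tunnel', method, host: m[1], port: +m[2], path: null, version };
  }
  let url;
  try { url = new URL(target); } catch { throw new Error('expected absolute URI'); }
  if (!(url.protocol in DEFAULT_PORTS)) throw new Error('unsupported scheme');
  const port = url.port ? +url.port : DEFAULT_PORTS[url.protocol];
  return { mode: 'forward', method, host: url.hostname, port,
           path: url.pathname + url.search, version };
}

// Decide per request: serve a static mock or forward to the original backend.
// `rules` is a hypothetical table: { host, path: RegExp, bodyMatches: fn, file }.
function decideRoute(req, body, rules) {
  for (const r of rules) {
    if (r.host === req.host && r.path.test(req.path) && r.bodyMatches(body)) {
      return { action: 'mock', file: r.file };
    }
  }
  return { action: 'forward', host: req.host, port: req.port };
}
```

Rejecting origin-form targets (`GET /path`) and out-of-range ports before opening any upstream socket keeps a malformed first line from turning into a connection attempt.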