2

I'm looking for a way to perform a network trace between an iOS app I'm developing and a server I own, using my Mac to intercept traffic. Traffic is encrypted via SSL; I own the domain and the PKCS12 certificate used to encrypt the traffic.

I've been able to perform the trace itself following Apple's guidelines (https://developer.apple.com/library/content/qa/qa1176/_index.html), and see the encrypted SSL exchanges. Yet, I can't seem to decrypt the packets' content, even when following guidelines described e.g. here (https://support.citrix.com/article/CTX116557).

We're using the basic URLSession implementation in our code (no Alamofire involved).

We managed to get ZAP working in the past, but this doesn't work anymore because of the recently increased safety measures. Burp didn't do the trick either.

Any suggestions regarding which tools to use, or how the project should be configured, would be greatly appreciated.

  • You don't really say what the problem with ZAP or Burp is. "Recently increased safety measures" is not really a description. From the citrix.com link you provided, "The Diffie Hellman (DHE) ciphers cannot be decrypted." So configure your server to only use RSA ciphersuites. For example, configure it to only use one ciphersuite, TLS_RSA_WITH_AES_128_CBC_SHA, or TLS_RSA_WITH_AES_128_CBC_SHA256 – President James K. Polk Jan 05 '18 at 19:10
  • You can use [Charles Proxy](https://www.charlesproxy.com), free for a 30-day trial. – zaph Jan 05 '18 at 19:48

0 Answers