使用Charles遇到的問題
問題1:證書檢驗不通過
錯誤: Cause: unable to find valid certification path to requested target
使用命令行報的詳細錯誤: Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:394)
at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.upgrade(DefaultHttpClientConnectionOperator.java:185)
at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.upgrade(PoolingHttpClientConnectionManager.java:369)
at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:415)
at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:184)
at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:88)
at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
at org.gradle.internal.resource.transport.http.HttpClientHelper.performHttpRequest(HttpClientHelper.java:149)
at org.gradle.internal.resource.transport.http.HttpClientHelper.performHttpRequest(HttpClientHelper.java:127)
at org.gradle.internal.resource.transport.http.HttpClientHelper.executeGetOrHead(HttpClientHelper.java:104)
at org.gradle.internal.resource.transport.http.HttpClientHelper.performRequest(HttpClientHelper.java:95)
原因: 設置了SSL Proxying裏的include項爲*: *,導致Charles抓取了所有網址的數據,導致證書驗證不通過,如下圖:
解決方案: 在SSL Proxying裏的exclude項將遠程地址添加進去,遠程地址如下:
https://jcenter.bintray.com
https://jitpack.io
https://repo1.maven.org
https://maven.aliyun.com
https://dl.google.com
問題2:抓取Https包亂碼
錯誤: 如下圖示例
原因: 未安裝證書
解決方案:
- 安裝本地證書,以Mac爲例,步驟如下:
- Help -> SSL Proxying -> Install Charles Root Certificate,如圖
- 找到CharlesProxy的證書,在信任裏加密套接字協議層(SSL)項下拉選擇始終信任,如圖
- Help -> SSL Proxying -> Install Charles Root Certificate,如圖
- 將證書安裝到手機上
- 方法1,步驟如下:
- Help->SSL Proxying->Install Charles Root Certificate …Browser,然後彈出如下彈窗:
- 在手機已經連接代理的情況下,在瀏覽器中輸入chls.pro/ssl,然後將證書下載到本地,再進行安裝。
- Help->SSL Proxying->Install Charles Root Certificate …Browser,然後彈出如下彈窗:
- 方法2,步驟如下:
- Help->SSL Proxying->Save Charles Root Certificate… 將證書下載到本地,再將證書傳輸到手機上,再進行安裝。
- 方法1,步驟如下: