How to intercept and capture HTTPS Traffic on Android Devices?

Cover Image for How to intercept and capture HTTPS Traffic on Android Devices?

Update #1: 11 Feb 2025 with new Android Studio version and sample project

1. Intercept and capture HTTP/HTTPS Traffic Requests/Responses from Physical Android Devices

Intercepting HTTPS traffic on Android Devices is more complicated than iOS. This mini-blog will guide you on how to start intercepting HTTPS Traffic from Android Devices.

This tutorial will cover the following:

  • How to setup Proxy and install Certificate on Android Devices
  • How to intercept HTTPS Traffic with Proxyman
  • Troubleshooting

Intercept HTTPS Traffic on Android Devices / Emulators

This tutorial is for physical Android devices. If you're using Android Emulators, please refer to the Intercept HTTPS Traffic on Android Emulators

Proxyman comes with auto script for Android Emulator. It can do everything in 1 click. Faster and easier.

2.0 Android Physical Device

2.1 Prepare

  • Android Studio
  • Your Android physical device. For this tutorial, we will use Emulator for demo purpose.
  • Download This Sample Android App

2.1 Android Setup Guide

  1. Open Proxyman app -> Certificate menu -> Install Certificate on Android -> Physical Devices
  2. At this stage, you should see the setup guide as below:
How to setup android physical device with Setup Guide
How to setup android physical device with Setup Guide

2.2 Set Wifi Proxy to Proxyman

  • Open your Android Emulator -> Setting app -> Wifi: Make sure your Wifi connection is good. Sometimes, it's "Limited Connection" that you could not set the Wifi Proxy. If it happens, please remove the emulator and create a new one again.
On Android devices, open Setting -> WiFi
On Android devices, open Setting -> WiFi
  • Click on the Wifi then clicking on Edit Button in two places
Click on Edit WiFi
Click on Edit WiFi
Intercept HTTPS Traffic on Android Devices
Intercept HTTPS Traffic on Android Devices
  • Start set HTTP Proxy that the same IP and Port value from Android Guideline (Proxyman app -> Certificate -> Install Certificate on Android Devices)
Config the same IP with Proxyman
Config the same IP with Proxyman

Make sure the Proxy Hostname and Port match with the values in (Proxyman app -> Certificate -> Install Certificate on Android Devices)

2.3 Download and Install Proxyman Certificate

  1. Open Google Chrome on your Android Emulator
  2. Visit http://cert.proxyman.io or http://proxy.man/ssl
  3. Download the Certificate and select VPN and App Category
Download certificate to Android devices
Download certificate to Android devices
  1. It's time to install the certificate to User Store.
  2. On your Android -> Open Setting app -> Security -> Encryption & Credentials -> Install a Certificate -> CA Certificate -> Select the certificate you just downloaded -> Install Certificate -> Install (Please note that this screen might be different depends on your Android version or models)
  3. Verfify Proxyman Certificate is installed successfully in the User Tab in Trusted Credentials screen
Verify Proxyman Certificate is installed successfully in the User Tab in Trusted Credentials screen
Verify Proxyman Certificate is installed successfully in the User Tab in Trusted Credentials screen

NOTES:

If you could not access http://cert.proxyman.io or http://proxy.man/ssl

  • It means Wifi Proxy doesn't work -> Turn OFF / ON the Wifi in Emulators might do the trick
  • You're using VPN on your Android Devices -> Please turn it off
  • At this stage, please verify that everything is good before moving to the next stage

2.4 Start the sample project

  1. Download the Sample Android App
  2. Open it with Android Studio
  3. Make sure Proxyman app is opening
  4. Start the sample project again in Android Studio and click on GET or POST button
  5. At this stage, you can see HTTPS Traffic on Proxyman -> Select google.com domain and enable SSL
Intercept HTTPS Traffic on Android Devices with Proxyman
Intercept HTTPS Traffic on Android Devices with Proxyman

3. XML Configs

Please be aware that Proxyman app will not intercept the traffic if your domains are not listed in the XML Configs.

  • res/xml/network_security_config.xml
<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    xmlns:tools="http://schemas.android.com/tools">

    <uses-permission android:name="android.permission.INTERNET" />

    <application
        android:allowBackup="true"
        android:dataExtractionRules="@xml/data_extraction_rules"
        android:fullBackupContent="@xml/backup_rules"
        android:icon="@mipmap/ic_launcher"
        android:label="@string/app_name"
        android:roundIcon="@mipmap/ic_launcher_round"
        android:supportsRtl="true"
        android:theme="@style/Theme.Proxyman_Sample_OKHTTP_App"
        tools:targetApi="31"
        android:networkSecurityConfig="@xml/network_security_config">
        <activity
            android:name=".MainActivity"
            android:exported="true"
            android:label="@string/app_name"
            android:theme="@style/Theme.Proxyman_Sample_OKHTTP_App">
            <intent-filter>
                <action android:name="android.intent.action.MAIN" />

                <category android:name="android.intent.category.LAUNCHER" />
            </intent-filter>
        </activity>
    </application>

</manifest>
  • Add to AndroidManifest.xml
<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    xmlns:tools="http://schemas.android.com/tools">

    <uses-permission android:name="android.permission.INTERNET" />

    <application
        android:allowBackup="true"
        android:dataExtractionRules="@xml/data_extraction_rules"
        android:fullBackupContent="@xml/backup_rules"
        android:icon="@mipmap/ic_launcher"
        android:label="@string/app_name"
        android:roundIcon="@mipmap/ic_launcher_round"
        android:supportsRtl="true"
        android:theme="@style/Theme.Proxyman_Sample_OKHTTP_App"
        tools:targetApi="31"
        android:networkSecurityConfig="@xml/network_security_config">
        <activity
            android:name=".MainActivity"
            android:exported="true"
            android:label="@string/app_name"
            android:theme="@style/Theme.Proxyman_Sample_OKHTTP_App">
            <intent-filter>
                <action android:name="android.intent.action.MAIN" />

                <category android:name="android.intent.category.LAUNCHER" />
            </intent-filter>
        </activity>
    </application>

</manifest>

4. Troubleshooting

Depend on Android Emulator and APIs version, you might encounter some errors.

  • After setting the Wifi Proxy in Android Studio, I could not visit http://proxy.man/ssl => Please try to restart the Emulator and make sure the Wifi Status in Emulator is "Connected" => Delete your Android Emulator and create a new one

  • I get SSL Errors when intercepting HTTPS traffics => Sometime, your Android Emulator doesn't load Proxyman Certificates => Please stop the project and start again. => Make sure your domains are listed in res/xml/network_security_config.xml

5. What's Next?

Intercept or capture HTTPS traffic from Android Emulator with 1 click
Intercept or capture HTTPS traffic from Android Emulator with 1 click

Proxyman is a high-performance macOS app, which enables developers to capture HTTP/HTTPS requests from apps and domains on iOS device, iOS Simulator and Android devices.

Get it at https://proxyman.com

Noah Tran
Noah Tran