Help us understand the problem. What is going on with this article?

Android7からcharlesでssl通信が見れなくなった件

More than 1 year has passed since last update.

問題

Charlesを使用して通信デバッグをしていたが、Android7以上の端末でssl通信が見れなくなった。

原因

どうやらネットワークセキュリティーの仕様が変わったらしい
Changes to Trusted Certificate Authorities in Android Nougat

3行まとめ

  • より安全なデフォルトを提供するためにAndroidが信頼できる認証局(CA)の仕様を変更したよ
  • Apiレベル24(Android 7)以上からだよ
  • CAを明示的に有効にしないと通信はみれないよ

対応方法

信頼できるCAを追加しましょう
https://developer.android.com/training/articles/security-config.html?hl=ja#CustomTrust

カンタン導入

デバッグだけ通信を見れる様にする

1. AndroidManifestの<application>に下記を追加

android:networkSecurityConfig="@xml/network_security_config"

2. network_security_config.xmlres/xml/に追加

<network-security-config>
    <base-config>
        <trust-anchors>
            <certificates src="system" />
        </trust-anchors>
    </base-config>
    <debug-overrides>
        <trust-anchors>
            <certificates src="user" />
        </trust-anchors>
    </debug-overrides>
</network-security-config>

なにか間違いがあればコメントお願いします

Why not register and get more from Qiita?
  1. We will deliver articles that match you
    By following users and tags, you can catch up information on technical fields that you are interested in as a whole
  2. you can read useful information later efficiently
    By "stocking" the articles you like, you can search right away
Comments
Sign up for free and join this conversation.
If you already have a Qiita account
Why do not you register as a user and use Qiita more conveniently?
You need to log in to use this function. Qiita can be used more conveniently after logging in.
You seem to be reading articles frequently this month. Qiita can be used more conveniently after logging in.
  1. We will deliver articles that match you
    By following users and tags, you can catch up information on technical fields that you are interested in as a whole
  2. you can read useful information later efficiently
    By "stocking" the articles you like, you can search right away