Today I needed to enable a Charles proxy on my Windows PC. Later I have managed the Genymotion virtual device to be monitored by the Charles proxy.

1. Download OpenSSL binaries

I have gotten an OpenSSL Win64 binary (Win32 is available too) on my Win 64bit machine (source). Alternatively you might download and unzip an OpenSSL library from here.

Now I have my project in C:\OpenSSL-Win64, the executable openssl.exe located in C:\OpenSSL-Win64\bin

2. Executive Config file

Config file is here – C:\OpenSSL-Win64\openssl.cnf

3. Charles CA cert

Let’s copy openssl.exe and openssl.cnf from bin folder into bin\CharlesCA folder.
Now we can proceed to make the certificate:
3.1 Output:
Generating a 2048 bit RSA private key
..............................................................................................................
..............................................................................................................
....+++
.......+++
writing new private key to 'private/ca_key.pem'

and a prompt for a passphrase that you need to enter follows:

Enter PEM pass phrase:
(Charles proxy will ask for this passphrase when it needs to)

3.2 Additional info
Following that, you’ll be asked to enter information that will be incorporated into your certificate request:

Now our key is at C:\OpenSSL-Win64\bin\CharlesCA\ca_key.pem

4. PKCS12 format

Next we are going to run a command to generate the PKCS12 format that Charles expects.

For the following prompts, you enter some arbitrary phrases and passwords (they might be empty)
Output:

Enter pass phrase for private/ca_key.pem:
Enter Export Password:
Verifying - Enter Export Password:
unable to write 'random state'

From this process, we get the following files:

ca_cert.pfx – this is where we need to point Charles.
ca_cert.pem – this is the CA certificate to add to clients
ca_key.pem – this is the key (keep this safe).

5. Set key to Charles

Now that we have this, we need to point Charles to the ca_cert.pfx, the CA cert we just generated. When we do this, Charles will ask for the passphrase (from point 3.1).

In the Charles Proxy app, you go to  the main menu Proxy->SSL Proxying settings. Then you choose Client Certificates and press Add button to load ca_cert.pfx file.

charles-add-ca-certificate

 

Using Genymotion With Charles Proxy

Eventually all the previous actions were needed to be able to use CA certificates in my PC virtual device. Here we apply it to the Genymotion Android emulator.

1. Copy cert to a virtual device

Now we copy the certificate into a running virtual device instance. Drag-&-drop it from cert\ca_cert.pem into the running virtual device:
charles-load-cert-to-virtual-device

2. Configure Genymotion’s virtual device for Charles proxy

In the Genymotion’s virtual device:

  • Go to Settings -> Wifi -> Press and hold your active wifi network.
  • Select Modify Networkgenymotion-wifi-modify
  • Select Show Advanced Options
  • Select Proxy Settings -> Manual
  • Set your Proxy to: 10.0.3.2 (Genymotion’s special code for the local workstation)
  • Set your Port to: 8888
  • Save the setting

Now the traffic of the virtual device will be monitored through the Charles proxy:

charles-monitoring-genymotion-traffic

(source)