Hello.
I have one rooted Bluestacks instance and I need to proxy data from it with Fiddler.
The issue in SSL traffic.
My test env is:
- Main host - Windows 10.
- Bluestacks is installed on main host.
- ProxyCap is installed on main host, configured to grab all traffic from Bluestacks to proxy traffic to Fiddler.
- Fiddler is installed on main host.
FiddlerRootCertificate.crt was successfully installed on main host. Also it was installed with HD-SslCertificateTool.exe to Bluestacks:
Installing certificate at FiddlerRootCertificate.crt into BlueStacks.
Certificate subject hash is e5c3944b.
Using certificate name e5c3944b.0
SSL certificate was successfully added.
I see e5c3944b.0 file in /system/etc/security/cacerts/ in emulator (Bluestacks).
But when I enable option in Fiddler "Decrypt HTTPS traffic", everything, that use HTTPS (Play Market, Apps, Google Chrome) stopped to work.
Meanwhile, when I open Google Chrome at main host, SSL sites opened fine and I see in site cert info DO_NOT_TRUST... So, env configured correctly.
I can't understand, why it doesn't work on Bluestacks?
I expected, that Google Chrome on Bluestacks will open sites with "DO_NOT_TRUST..." cert, or will show info about incorrect cert, when I am trying to open https://rbc.ru/
But it can't connect:
This site can’t be reached play.google.com unexpectedly closed the connection.
Try:
Checking the connection
ERR_CONNECTION_CLOSED
and in Fiddler I see 3 records with same result:
fiddler.network.https> HTTPS handshake to 80.68.253.3 (for #14208) failed. System.Security.Authentication.AuthenticationException The remote certificate is invalid according to the validation procedure.
Any ideas, how to make it work on Bluestacks?
I also made some tests and I see, that OpenSSL gives an error with FiddlerRootCertificate.crt:
openssl x509 -inform PEM -text -in FiddlerRootCertificate.crt -out /dev/null >> 5ed36f99.0
Error is:
unable to load certificate
3069218832:error:0909006C:PEM routines:get_name:no start line:../crypto/pem/pem_lib.c:745:Expecting: TRUSTED CERTIFICATE
May be problem is in FiddlerRootCertificate.crt and Android doesn't count it as trusted cert?