Step by step guide on how to generate and import a custom certificate into the Packet Capture Android app. Useful when the "generate certificate" feature doens't work for you either.
- Generate certificate using
opensslon your (linux) computer. You can also do this right on your Android device with a terminal/Termux/openssl app.openssl req -x509 -newkey rsa:4096 -keyout key-private.pem -out key-public.pem -days 3650
- Export certificate to PKCS12 format
openssl pkcs12 -export -out keyBundle.p12 -inkey key-private.pem -in key-public.pem -name alias -legacy- Choose any password and alias name, make sure you remember it for the next few steps.
- Transfer
keyBundle.p12andkey-public.pemto the android device- e.g.
adb push keyBundle.p12 /sdcard/Downloadetc.
- e.g.
- In android settings, go to Biometrics and Security (note I have a Samsung device, it might be different for you) > Other Security Settings > Credential Storage > Install from device storage > CA Certificate > Accept the scary red warning and tap "Install anyway" > enter your pincode > find
key-public.pemand click "Done" - Going back to "Install from device storage," > VPN and app user certificate > find
keyBundle.p12> Enter password and alias - Open packet capture > Setting > Tap "No CA certificate" > Import PKCS#12 file > find
keyBundle.p12. Enter password and alias. Restart packet capture. If everything worked, the "Status" subtitle should say "Installed to trusted credentials" - Restart your device
adb shell reboot
Done! SSL sniffing should work for most apps now but it can be hit or miss unfortunately.
This guide is based on this stackexchange post.