Contents
Many proxy utility apps say that they support HTTPS proxy on IOS, but not true. So far, Only two apps can configure HTTPS proxy truly with WiFi and cellular data.
Apps
Both of them are support “MITM“, which can decrypte SSL traffic. Is it the reason?
Tutorial
Get SSL Certificate
- There are two method to get the certificate, which can install on IOS.
- Setup HTTPS proxy on Foxyproxy, an extension of Firefox, and add the certificate by the notice from Foxyproxy.
Options–>Advanced–>Certificates–>View Certificates–>Servers–>HTTPS Proxy Certificate–>Export
- If you deploy the HTTPS proxy server with openssl, export the certificate with “der” format.
123openssl genrsa -out cakey.pem 2048openssl req -new -x509 -key cakey.pem -out cacert.pem -days 3655openssl x509 -outform der -in cacert.pem -out cacert.der
Install SSL Certificate
Add a mail account on IOS, and send the certificate to that account by email.
Click the certificate on IOS, and install by following the prompts.
After that, you can see it in Settings–>General–>Profiles.
Trust SSL Certificate
Goto Settings–>General–>About–>Certificate Trust Settings, turn the certificate on.
Configure HTTPS Proxy
For study purpose, you can install Surge and Shadowrocket free through www.i4.cn and www.25pp.com.
Here use the Shadowrocket for example.