Different ways to debug https requests in an Android emulator

A lot of developers face problems while debugging https traffic via the android emulator. There are a lot of ways to see requests details, and we will describe a couple of them with the native emulator on Android 9.0.

Debugging via OkHttp Profiler plugin

If you are using OkHttp version 3 or Retrofit version 2 libs for your Android application, you can easily debug all requests directly in the Android Studio without installing ssl certificates etc.

To activate, just add the library to the android gradle file (build.gradle) in your module (application/app/build.gradle)

dependencies {
//……………
implementation 'com.itkacher.okhttpprofiler:okhttpprofiler:1.0.4'
}

Sync the gradle project to apply the changes and set an interceptor to okhttp client by adding the following code to okhttp client or retrofit:

For raw okhttp client:

OkHttpClient.Builder builder = new OkHttpClient.Builder();
if (BuildConfig.DEBUG) {
builder.addInterceptor(new OkHttpProfilerInterceptor());
}
OkHttpClient client = builder.build();

For Retrofit:

OkHttpClient.Builder builder = new OkHttpClient.Builder();
if (BuildConfig.DEBUG) {
builder.addInterceptor(new OkHttpProfilerInterceptor());
}
OkHttpClient client = builder.build();
Retrofit retrofit = new Retrofit.Builder()
……
.client(client)
.build();

We recommend to enable it only for debug build (BuildConfig.DEBUG), but you can remove it if you want to see requests also in release app.

Your app is ready, but you still need to install the plugin.

Now open Android Studio preferences, select the “Plugins” tab, and type “OkHttp Profiler” into a search field. If there is a “No plugins found” message, press “Search in repositories” .

You will see a list with the “OkHttp Profiler” plugin, so press the install button and wait through installation, then restart Android Studio.

Now you should be able to see http & https requests directly in Android Studio!

Open an “OkHttp Profiler” toolwindow in the right bottom corner and run your project with all changes.

You will see detailed data for each request from okhttp library, as soon, they will be sent to the network! Quite simple, right? That’s it.

Debugging via Charles Proxy

You can redirect all of your traffic from emulator to the app Charles Proxy, and you will be able to see request/response body as a json tree, headers, cookies, etc.

First, you need to download and install Charles Proxy from the official site https://www.charlesproxy.com/download/. It has a free version for Windows, Mac, and Linux, and generally you can use it for free with some restrictions.

After installing the application to the desktop, you need to configure the Android emulator.

Go to:

Preferences -> Network & Internet -> Wi-fi -> Edit -> Settings icon

And type in the following values:

Proxy: Manual

Proxy hostname: 10.0.2.2 (this is not your local IP address. Just use always 10.0.2.2)

Proxy port: 8888

Click save, and now all traffic from the emulator will be sent through Charles Proxy. In this step you already can debug the HTTP traffic.

But if you use only http, I have bad news for you- it is not safe:) You definitely need to use HTTPS and you can’t see it right now in Charles.

So let’s go to the next step, and install a certificate on the emulator.

Return to main screen and tap on google input view, paste or type a link https://chls.pro/ssl and press enter. Android will redirect you to the Charles site, the browser will ask for permission to use internal storage, and upon confirmation, will download and install the cert file. When it asks you to enter the certificate name, you can set any string, it’s doesn’t matter to you.

After all manipulations, the system will require you to set a password for security. You can enter a simple pin like 1111 without any fingerprints, it also doesn’t matter.

Hard? We’re not done yet)

Now you need to customize The Network Security Configuration for using ssl to proxy with the latest Android systems (https://developer.android.com/training/articles/security-config)

Go to the your app project and create a ‘xml’ folder in ‘res’ directory. In xml folder create a network_security_config.xml file and put next text into it

<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<debug-overrides>
<trust-anchors>
<certificates src="system" />
<certificates src="user" />
</trust-anchors>
</debug-overrides>
</network-security-config>

In your Android studio you will see something like this:

Pay attention: only enable proxying for debug builds. It should not be enabled on your release configuration.

Now you need to enable this network security config file in AndroidManifest.xml

So just add the line

android:networkSecurityConfig=”@xml/network_security_config”

to the application tag.

At the end, you should open “Ssl proxy setting” in Charles, and add your domain to the list.

Install ther application to the emulator with all of the changes, and finally you should be able to see HTTPS requests in Charles Proxy!

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store