HTTPS嗅探/ Charles SSL在Facebook上不起作用 [英] HTTPS sniffing/Charles SSL doesn't work on Facebook
问题描述
Charles SSL基本上适用于除Facebook以外的任何其他应用或网站。我已经在iOS设备上安装了所有证书,但是当仅嗅探Facebook时,当方法 CONNECT 失败 >。有什么问题?
Charles SSL works on basically any other app or website except Facebook. I have installed all the certificates on iOS devices, but when sniffing Facebook only, I always get status Failed when method is CONNECT. What is wrong?
推荐答案
可能使用证书固定。
查找这里答案的评论中的一些信息:
Find some info in the comments to the answers here:
Facebook,SnapChat或Gmail iOS应用如何阻止Fiddler解密其https流量?
证书固定是一个额外的安全层,应用程序使用它来确保远程服务器提供的证书是预期的证书。
Certificate Pinning is an extra layer of security that is used by applications to ensure that the certificate provided by the remote server is the one which is expected.
通过在应用程序中包含远程服务器的x509证书或公钥,可以将本地存储的证书或密钥与由th提供的证书或密钥进行比较。远程服务器。
By including the remote server’s x509 certificate or public key within the application, it is possible to compare the locally stored certificate or key with the one provided by the remote server.
这篇关于HTTPS嗅探/ Charles SSL在Facebook上不起作用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
