Proxying SSL connections using Firefox Android

Having dealt with enabling proxying on FFOS devices, I recently needed to proxy code for Firefox for Android too. I'd recommend reading that post for all the background info.

Fortunately, the process for adding the CA cert your proxy uses to the certs db on Firefox Android is identical to how you do it for FFOS.

Note: As always, take care and carry out these steps at your own risk.

Why?

Proxying SSL connections is really useful for debugging and development. I often use proxying to rewrite JS with my own built JS files so I can test a bugfix with real data. This can be especially helpful on devices where pointing at local development environments can take time.

SSL proxying is needed because otherwise you can't decrypt the request to do something useful with it.

Once you have the necessary rewrite rules set up in Charles, and as long as you can use the proxy on your user-agent (phone/desktop browser etc.), switching out dev/stage/prod JS with your own is trivial.

For more info on a Charles Proxy specific setup to rewrite files see: Using Charles proxy to debug live code

Requirements

The pre-requisite steps are as follows:

  • You've got adb installed
  • You know how to set up the proxy settings for your Android phone.
  • You have a rooted Android phone with Firefox Android installed.
  • You've generated a cert for your proxy. (If not you can read how to do that here)
  • You've got certutil installed from nss. Be careful if you use homebrew to install it, as this can break sync.

Finding the profile

First I use adb shell to get a shell and then type su to get root.

adb shell
shell@m0:/ $ su
root@m0:/ #

Now to modify the db you need to find your profile.

For FF Android Nightly this will be:

/data/data/org.mozilla.fennec/files/mozilla

and for FF Android it will be in:

/data/data/org.mozilla.firefox/files/mozilla

Inside it, you're looking for the profile directory whose name ends with .default

Moving the cert files

Once you have the path, you'll want to copy cert9.db and key4.db onto the sdcard so you can more easily pull them onto your machine.

e.g.:

cp /data/data/org.mozilla.fennec/files/mozilla/fkhfkjsh.default/cert9.db /sdcard/certs/cert9.db
cp /data/data/org.mozilla.fennec/files/mozilla/fkhfkjsh.default/key4.db /sdcard/certs/key4.db

Now you can grab them from another terminal tab:

mkdir ffa-certs && cd ffa-certs
adb pull /sdcard/certs/cert9.db
adb pull /sdcard/certs/key4.db

Now back them up in case you want to restore them or something goes awry.

cp cert9.db{,.bck}
cp key4.db{,.bck}

Adding your CA to the cert db

Finally, add your cert. I'm using the same CA cert I generated for Charles, so that's the following:

# Hit enter to remove the password
certutil -W -d sql:.
# Add the cert; 'TC,,' trusts it as a CA for SSL only (the email and object-signing fields stay empty)
certutil -A -n 'Charles Custom Cert' -i /usr/local/CharlesCA/certs/ca_cert.pem -t 'TC,,' -d sql:.
# Check it validates (usage V = SSL server)
certutil -V -u 'V' -n 'Charles Custom Cert' -d sql:.

Pushing certs onto the device

Now let's throw the certs db back on the device:

adb push cert9.db /sdcard/certs/cert9.db
adb push key4.db /sdcard/certs/key4.db

And then back on your root adb shell you had earlier:

cp /sdcard/certs/cert9.db /data/data/org.mozilla.fennec/files/mozilla/fkhfkjsh.default/cert9.db
cp /sdcard/certs/key4.db /data/data/org.mozilla.fennec/files/mozilla/fkhfkjsh.default/key4.db

Assuming you've pointed your network (wifi) connection at the proxy, you should be good to go.

As always, don't forget to turn off the proxy when you're not using it.
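
The backup, add and verify steps from "Adding your CA to the cert db" as one function that restores the backups if certutil fails, plus a removal step for when you are done debugging. This is an added example, not code from the original post; the function names and arguments are assumptions, it works on the pulled copies of the databases, and the interactive certutil -W step is left out.

```shell
#!/bin/sh
# Added example (not from the original post). Function names and argument
# order are assumptions; both functions act on the pulled cert9.db/key4.db.

# add_proxy_ca DBDIR CA_PEM NICKNAME
# Back up the NSS databases, add the CA with the post's 'TC,,' trust flags,
# verify it, and restore the backups if either certutil step fails.
add_proxy_ca() {
    dbdir=$1 ca_pem=$2 nick=$3
    for f in cert9.db key4.db; do
        [ -f "$dbdir/$f" ] || { echo "missing $dbdir/$f" >&2; return 2; }
        # Keep the first (pristine) backup; never overwrite it on a re-run.
        [ -f "$dbdir/$f.bck" ] || cp "$dbdir/$f" "$dbdir/$f.bck" || return 2
    done
    if certutil -A -n "$nick" -i "$ca_pem" -t 'TC,,' -d "sql:$dbdir" &&
       certutil -V -u 'V' -n "$nick" -d "sql:$dbdir"; then
        return 0
    fi
    echo "certutil failed, restoring backups" >&2
    for f in cert9.db key4.db; do
        cp "$dbdir/$f.bck" "$dbdir/$f"
    done
    return 1
}

# remove_proxy_ca DBDIR NICKNAME
# Delete the debugging CA once testing is done so the profile stops trusting
# certificates issued by the proxy. Returns 0 only if the nickname is gone.
remove_proxy_ca() {
    dbdir=$1 nick=$2
    certutil -D -n "$nick" -d "sql:$dbdir" || return 1
    # certutil -L -n exits non-zero when no certificate has that nickname.
    if certutil -L -n "$nick" -d "sql:$dbdir" >/dev/null 2>&1; then
        echo "'$nick' is still present in $dbdir" >&2
        return 1
    fi
    return 0
}
```

After remove_proxy_ca, the databases still have to be pushed and copied back into the profile, the same way as after adding the cert, before Firefox on the device stops trusting the CA.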
