Jmeter - Android Mobile Application Recording

Question

while recording Mobile Application. Trafic is not going via Proxy.

I have installed CA certificate in Android App.

Jmeter is recording but recording only Certain URLs and Other URLS like Google, Appstore are not been recorded including my Mobile APP (App under test,SUT).

I am unable to Login in to the APP aswell when i set Proxy in mobile App (under Manual)

Jmeter : V.5.1
Android : 9
JDK: 13

Mobile Application has Microsoft Login credentials.

Response I get is SSL handshake : certificate_Unknown and I get :443 Error Response.

can any one Help me with this issue .

Dmitri T Dmitri T · Accepted Answer · 2019-11-19T13:59:54

Starting from Android 7.0 (Nougat) you need to perform some specific network security configuration in order to use self-signed MITM certificates (inluding JMeter's one)

Under application section of your application manifest add the next line:
```
android:networkSecurityConfig="@xml/network_security_config"
```

Under res folder create the network_security_config.xml file and put the following code there:

<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
    <debug-overrides>
        <trust-anchors>
            <!-- Trust user added CAs while debuggable only -->
            <certificates src="user"/>
        </trust-anchors>
    </debug-overrides>
</network-security-config>

Build your application in debug mode
```
gradlew assembleDebug
```
That's it, now you should be able to capture your application secure traffic with JMeter's HTTP(S) Test Script Recorder. Check out Recording Using Android Devices article for more details if needed

Other options are:

If your application can be built for Android < 7.0 you can use the device or emulator - it will be quite enough to just install ApacheJMeterTemporaryRootCA.crt file there
If you have rooted device or emulator - you can add the JMeter's certificate into Android trusted CA

Jmeter - Android Mobile Application Recording

1 Answers