> Do you plan to automate app repackaging with the needed changes, or is there a better method for apps to trust local certificates?
Eventually I'm aiming for the former, I'm fairly confident there is no better method. To start with, it'll be an Android app that configures your proxy settings (acting a VPN) and walks you through adding the certificate to the user store, and for your own apps I believe that's useful already: you just need to enable user stores in your app config (https://developer.android.com/training/articles/security-con...), and everything will Just Work.
For other apps though, on new-ish Android apps it's more difficult, as you say. My plan is to try and rewrite them, _probably_ as a Pro feature, but TBC. It should be a matter of:
- Get hold of the app APK (I think you can pull it with some adb tricks, slightly unclear)
- Edit the XML config to enable the user cert store, change the app id too (so it doesn't replace or have signature conflicts with the real app)
- Repackage & reinstall the resulting APK over adb
Eventually I'm aiming for the former, I'm fairly confident there is no better method. To start with, it'll be an Android app that configures your proxy settings (acting a VPN) and walks you through adding the certificate to the user store, and for your own apps I believe that's useful already: you just need to enable user stores in your app config (https://developer.android.com/training/articles/security-con...), and everything will Just Work.
For other apps though, on new-ish Android apps it's more difficult, as you say. My plan is to try and rewrite them, _probably_ as a Pro feature, but TBC. It should be a matter of:
- Get hold of the app APK (I think you can pull it with some adb tricks, slightly unclear)
- Edit the XML config to enable the user cert store, change the app id too (so it doesn't replace or have signature conflicts with the real app)
- Repackage & reinstall the resulting APK over adb
I haven't tested this yet though, so who knows!