HTTPS Decryption
Proxie can decrypt encrypted traffic on the fly, as long as the client trusts its self-signed certificate authority. Usually this means that the Proxie CA certificates have to be installed on the client device.
Turning it on
- Open the Preferences window (
Command + ,
) - Go to the “HTTPS” tabs and check the “WebSockets & HTTPS decryption” option.
Installing the CA certificate
- Configure your target device with the correct proxy settings.
- Start a browser on the device, and visit the magic domain
sslca.io
. - Click on the relevant icon, follow the setup instructions for the platform you’re on and you are good to go.
If you are sure the proxy settings have been configured properly but still seeing the "oops" page, try restarting your browser and visiting the magic domain under incognito mode.
Certificate and Security
The CA certificate was uniquely generated on Proxie's first run and is not shared between Proxie installations, so other Proxie users cannot intercept your connection.
The private key of the Proxie CA certificate is stored locally in Proxie's data directory. Anyone who obtains this key is able to intercept your HTTPS traffic without your knowing it.
You are recommended to disable the CA certificate when not using Proxie, and regenerate it from time to time.