Mobile devices

iOS

Open the mobile view in the app. You’ll see:

• Your mac’s LAN IP (e.g. 192.168.1.42)
• Proxy port (9090)
• A QR code

Steps

1. Set proxy on the iPhone Settings → Wi-Fi → tap your network → Configure Proxy → Manual. Server = the LAN IP above. Port = 9090.

2. Install the cert Scan the QR with your iPhone camera, or visit http://<mac-ip>:9090/cert.mobileconfig in Safari. When prompted, tap Allow then Close — the profile downloads.

3. Approve the profile Settings → General → VPN & Device Management → tap the downloaded profile → Install (enter device passcode).

4. Enable full trust Settings → General → About → Certificate Trust Settings → toggle ON for the ProxyPro root.

5. Test Browse anything in Safari. Captures appear in ProxyPro on the mac.

Caution

Most pinned apps (banking, Spotify, App Store, Apple Pay) will refuse to trust the user-installed CA and will fail to connect through the proxy. This is by design — there’s no clean way around it.

iOS Simulator

Will be auto-installed in P06.5 via xcrun simctl keychain booted add-root-cert. For now, do it manually:

xcrun simctl keychain booted add-root-cert \
  ~/Library/Application\ Support/ProxyPro/ca/root.pem

Then set the simulator’s HTTP proxy in iOS Settings (same flow as a real device, using localhost:9090).

Android

User-trust install (no root required)

1. Copy root.pem to your phone (AirDrop, email, USB).
2. Settings → Security → Encryption & credentials → Install a certificate → CA certificate → accept warning → pick the file.
3. Settings → Wi-Fi → long-press your network → Modify → Advanced → Proxy: Manual → mac LAN IP, port 9090.

User-trust CAs are not honored by apps that pin certs. Browsers respect user-trust starting Android 7+.

System-trust install (rooted device / emulator)

adb root && adb remount
adb push root.pem /sdcard/
adb shell
# inside shell:
cd /system/etc/security/cacerts/
mv /sdcard/root.pem $(openssl x509 -inform PEM -subject_hash_old -in /sdcard/root.pem | head -1).0
chmod 644 *.0
reboot

System-trust CAs are honored by all apps regardless of pinning policy, but rooting / system remount voids most consumer device warranties.

Verification

In a browser on the phone, visit a known HTTPS site. You should see:

• A capture appears in the ProxyPro capture list on the mac, with the phone’s User-Agent in headers.
• Page loads without cert warnings.

If you get cert warnings: the trust toggle (step 4 on iOS) isn’t enabled.