Squid3-devel ssl interception doesn't work for mobile devices
-
Android devices have their CAs ROM stored.
They permit to add certificates in DER format. But the installed DER are user certificates, not system certificates.
Example for Nexus devices:
https://support.google.com/nexus/answer/2844832?hl=en
I tested squid3-devel transparent https with:
Vodafone's Mobile Phone - HTC Desire - Android 2.2.2
Tablet - BQ Edison 3G - Android 4.0.4
Not working. The Android browser and Firefox browser (tablet) don't see the selfsigned pfSense CA.
pfSense's selfsigned CA is exported in PEM format. I converted it to DER format and tested in a Windows computer before installing it in Android devices.
I'm wondering if there is any solution (rooting the devices, perhaps?).
And I'm also thinking if I will have the same problem with iOS devices.
-
iOS (tested with iPAD)
Works for Safari.
Doesn't work for Chrome:
http://apple.stackexchange.com/questions/103157/certificate-error-when-using-chrome-for-ios-with-company-ca
-
I have not tested it on iphone or android yet.