Tag Archives: intercepting

HOW TO: Intercept iPhone and iPad SSL connections that require a valid SSL certificate

September 11, 2012

With the rising popularity of iPhone and iPad devices, we are running into more and more applications which require a valid SSL certificate for all connections. In order to properly assess the security of these applications, we need to intercept the SSL connections they make. This post shows our technique for doing this.

Please note that this is not a vulnerability in iOS, and that everything is working as intended. This is the method we use for intercepting SSL connections made by iOS applications, and assumes you’re already able to forward such connections (using pf, iptables, or something similar) to your machine. This also assumes that you will be using burp suite proxy

1.     Firstly, set up a working directory. This blog post assume you’re working with the following working directory structure:

mkdir ~/iosssl
cd ~/iosssl
mkdir {conf,certs,private,newcerts}
echo 01 > serial
touch index.txt

2.     Then, copy your “openssl.cnf” file from somewhere in “/etc” into “conf/caconfig.cnf”

The location of your “openssl.cnf” file may vary  “find /etc | grep openssl.cnf” may help.

cp /etc/pki/tls/openssl.cnf ~/iosssl/conf/

Continue reading