HTTPS Sniffing on Android (Certificate Pinning)


So i have this app that on login uses certificate pinning (i dont see the data at all), right now i have mitmproxy certificate installed from how do i define custom certificate in android? also how can i actually bypass certificate pinning? do i need to download the real certificate of host for it to work?


If an app uses certificate pinning you need to manually patch the app (decompile and add the certificate) or you need to root your android device.

if the device is rooted it is enough? I am using a rooted device and still have the problem. can you specify what should be done?

also, it the pinned domain is not of the app itself, but of a domain the app tries to connect to, is there anything to do?

I was searching for something similar to your question please see the link below for help