During iOS packet capture, a common scenario is that the certificate is already installed, trust is enabled, and the proxy tool is running normally, but the App’s requests still cannot be captured.

This situation often leads to the misconception that it’s a certificate issue, but after actual troubleshooting, the problem usually lies elsewhere.

First, Confirm the Specific Situation of Not Capturing Packets

Before starting troubleshooting, distinguish between two scenarios:

Scenario A: No Requests at All

  • No records in the proxy tool
  • App operations do not generate new requests

Scenario B: Requests Exist, but Content is Incomplete

  • URL is visible
  • But request body or response body cannot be seen

The handling methods for these two scenarios differ.

First, Verify if the Proxy is Successful

First, rule out the most basic issue: whether the proxy is effective.

Steps:

  1. Start Charles, Proxyman, or Sniffmaster
  2. Confirm the proxy port (e.g., 8888)
  3. Connect iPhone and computer to the same Wi-Fi
  4. Enter the proxy address and port in iPhone Wi-Fi settings

Fill in Port

After saving, open Safari and visit an HTTPS website.

Observe the Results

  • If Safari requests can be captured → Proxy is normal
  • If Safari also cannot capture → Need to check proxy configuration

Only when Safari can capture packets does subsequent troubleshooting make sense.

Confirm if the Certificate is Truly Effective

After installing the certificate, confirm if trust is enabled.

On iOS:

  1. Open Settings
  2. Go to “General” → “About” → “Certificate Trust Settings”
  3. Find the proxy certificate
  4. Manually enable trust

Then reopen Safari and test HTTPS.
Certificate Trust

Observe the Results

  • If HTTPS can be decrypted → Certificate is effective
  • If still cannot decrypt → Certificate not correctly installed

If Safari is Normal, but App Cannot Capture Packets

If:

  1. Safari can capture
  2. App has no requests

This indicates the problem can be narrowed down: App requests are not going through the system proxy.

Verify if the App Actually Initiates Requests

Before switching tools, perform a simple verification:

  1. Turn off iPhone network
  2. Trigger App request
  3. Observe interface changes

If the interface shows a network error, it means the request exists but is not passing through the proxy.

Use Data Cable Connection to Capture Real Data

When the proxy cannot capture requests, switch to another capture method.

Use SniffMaster (Packet Capture Master) here.

Using SniffMaster for Packet Capture

Steps:

  1. Connect iPhone to computer via USB
  2. Keep the device unlocked
  3. Click “Trust This Computer”
  4. Start SniffMaster
  5. Select iPhone in the device list
  6. Follow prompts to install drivers and profiles
  7. Enter HTTPS Brute Force Capture Mode
  8. Click Start

Then trigger requests on the phone.
Configuration

Observe the Results

In SniffMaster, you can see:

  • Request URL
  • Header
  • HTTPS data

Even if the proxy cannot capture, requests are still visible here.
Capture

When Only Header is Visible, No Body

If capture results show:

  • URL visible
  • Header visible
  • Body empty

This indicates:

  • HTTPS has been captured
  • But the app is not signed with a development certificate

Solution:

  1. Obtain the App’s IPA
  2. Re-sign using an iOS development certificate
  3. Reinstall
  4. Capture again

After completion, full data can be viewed.

Certificate-Related but Not Certificate Itself Issues

During troubleshooting, several easily confused points:

1. Certificate Installed, but App Does Not Trust

  • App may perform internal certificate validation
  • Proxy certificate may not be accepted

2. Certificate Valid, but Traffic Not Passing Through Proxy

  • Proxy link not effective
  • App uses a custom network stack

3. HTTPS Normal, but Data Incomplete

  • Related to signing, not the certificate

These situations can be directly distinguished by capture results.

When encountering issues where certificates are installed but packets cannot be captured, try the following methods:

  1. Use Safari to verify if the proxy is effective
  2. Confirm certificate trust status
  3. Test if the App goes through the proxy
  4. If not, switch to data cable connection for device capture
  5. If data is incomplete, handle signing issues

Reference link: https://www.sniffmaster.net/blog/130