Debug an Android Phone
This page walks through pointing an Android phone or tablet at Probe — Wi-Fi proxy, CA install, and the Network Security Config opt-in your own apps need. Read the Mobile Setup overview first if you haven’t seen the four-step flow.
Prerequisites
Section titled “Prerequisites”- Android device on the same Wi-Fi as the computer running Probe.
- Probe running. Note the LAN IP from the toolbar status card — call it
<host-ip>below (e.g.192.168.1.42). - Probe’s proxy is on port 9099; the CA download page is on port 9098.
Menu paths below are from stock Android 14. Samsung, Pixel, Xiaomi, and others rename a few labels but the structure is the same.
1. Set the Wi-Fi proxy
Section titled “1. Set the Wi-Fi proxy”- Open Settings → Network & Internet → Internet (or Wi-Fi on older versions).
- Tap the gear icon next to the connected network. On some skins, long-press the network and choose Modify network.
- Tap Advanced options to expand it.
- Set Proxy to Manual.
- Enter Proxy hostname =
<host-ip>and Proxy port =9099. - Tap Save.
HTTP requests from any browser on the phone now land in Probe. HTTPS will still fail until the CA is installed and trusted.
2. Install the CA
Section titled “2. Install the CA”Probe’s cert server detects Android from the User-Agent and serves the CA in DER format, which is what the system installer expects.
- Open Chrome and visit
http://<host-ip>:9098— Chrome downloadsProbe_CA.derto your Downloads folder. The explicit pathhttp://<host-ip>:9098/download/androidworks too if auto-detect ever misfires. - Open Settings → Security & privacy → More security settings → Encryption & credentials → Install a certificate → CA certificate. (Path varies — Samsung calls this Biometrics and security → Other security settings.)
- Tap Install anyway on the warning screen.
- Pick the file you just downloaded.
- The phone confirms the CA is installed under the user credential store.
For platform-specific notes (Android 11 storage scoping, OEM menu differences), see Install the CA on Android.
3. Make your app trust the user store
Section titled “3. Make your app trust the user store”Web traffic — Chrome, Firefox, the system WebView in some configurations — works immediately after step 2. Your own apps will not.
Since Android 7 (API 24), apps trust only system CAs by default. User-installed CAs (which is what Probe’s CA is, after step 2) are ignored unless the app’s manifest explicitly opts in via Network Security Config.
The supported flow is to ship a debug-only network security config that trusts the user store:
<network-security-config> <debug-overrides> <trust-anchors> <certificates src="user" /> </trust-anchors> </debug-overrides></network-security-config>Then point your manifest at it (also debug-only, so release builds aren’t affected):
<application android:networkSecurityConfig="@xml/network_security_config" />Rebuild and reinstall the debug variant. The app now accepts Probe’s CA, and you’ll see its traffic flow into Probe with full HTTPS bodies.
4. Confirm in Probe
Section titled “4. Confirm in Probe”Trigger any network call in your app, or open a site in Chrome. The device shows up under DEVICES in the Probe sidebar within a couple of seconds, with a domain tree of its captured traffic.
Apps you can’t recompile
Section titled “Apps you can’t recompile”If the APK isn’t yours and isn’t debuggable, the user-store + Network Security Config path doesn’t apply — the app’s manifest already excluded user CAs. Two paths exist outside Probe’s scope:
- Frida / objection to disable pinning at runtime on a rooted device or emulator.
- Magisk module that moves the CA into the system store (requires unlocking the bootloader — not reversible on many phones).
Both are well documented elsewhere. The recommended Probe workflow is user store + debug-only Network Security Config for code you control.
When you’re done
Section titled “When you’re done”Open the network’s Advanced options again and set Proxy back to None. If you forget, the phone can’t reach the internet on that Wi-Fi network whenever Probe isn’t running.