When you see above failure in Charles Proxy on Mac, it means you need to install Charles SSL certificate in order to check the traffic of browser or application between client and server on Mac. This article will show you how to solve above handshake issue.
Each website or application has their own SSL authentication request, then you can install SSL certificate for each website or application if you want to do that. Every time when you visit a https website via Charles without SSL certificate installed for Charles, it will give you a warning for authentication accessing, you can accept authentication without any problem and go ahead to browse website. But you can avoid those popup warning each time when visit each website or application via Charles. The only thing you need to do is to install Charles Root Certificate for web access on Mac. After install Charles Root Certificate on Mac for web access, you can read most of traffic between client and server end.
Install Charles Root Certificate on Mac for browser, the processing needs you to add Charles certificate in keychains.
Check this video how to install Charles Root Certificate on Mac for Chrome and Safari:
Check this video how to install Charles Root Certificate on Mac for FireFox:
Install Charles Root Certificate will solve most application or website SSL authentication issue because Charles use regular way to encrypt and decrypt message. However for some special websites or applications if they use or define their own specific SSL certificate rather than regular encrypt/decrypt way to handle message, install Charles Root Certificate won't help to solve the problem. You still won't see plain traffic between client and server end and you still see SSL handshake issue in Charles. In this case, you need to request those specific SSL certificate from server owner, and add this specific certificate in the Charles. then you will see the encrypted/decrypted message between client and server end.
To install specific SSL certificate for special website or application, you can go through the following processing:
1. Obtain the specific SSL certificate from Server side owner who issues SSL certificate.
2. Go Charles Proxy > SSL Proxying Settings
3. Select Client Certificates tab
4. Click Add button to add Host, Port, and click Choose button to upload certificate file.
Now Specific SSL certificate install successfully.
To install Charles Root Certificate on Mac for browser and application:
1. Open Charles
2. Go to "Proxy" and select "Mac OS X Proxy"
3. Go to "Help" > "SSL Proxying" > "Install Charles Root Certificate.."
4. Select "Charles Proxy Custom Root Certificate" to open Charles Proxy Custom Root Certificate page
5. Expand "Trust"
6. In "When using this certificate", select "always trust". Close this page and give the password for the installation permission.