
Sudo keytool -import - alias charles -file /Applications/Charles.app//Contents/doc/charles-proxy-ssl-proxying-certificate.crt -keystore $JAVA_HOME/lib/security/cacerts -storepass somePasswordButMyNotMyActualPassword


Keytool -list -keystore $JAVA_HOME/lib/security/cacerts -storepass changeit | grep charles You need to run: # See if Charles' root certificate is installed Reinstalling Charles' root certificate after OS X updates is boring. Charles requires Java to be installed and enabled.ALL_PROXY is Curl specific #export HTTP_PROXY= export ALL_PROXY= However: Charles has got us out of a bunch of jams before, and we've always kept this around for when we need it: # For Charles Proxy. Tcp4 192.168.0.46:5175113.69.188.Charles Proxy is one of the most well known SSL debugging tools. Then you take the pid of your app (27479 in this example) and run: nettop -p 27479Īnd you will see where the app is connecting to: Skype.27479 18 KiB 32 KiB 20 KiB On my machine I have: bytes_in bytes_out rx_dupe rx_ooo Open a Terminal and run nettop -P to get a summary of all the traffic generated by each application currently running together with their pid. On MacOSX there is a very helpful tool called nettop. In my opinion wireshark is the wrong tool to do what you need. Then you can sniff all traffic coming out of the VM by sniffing the VM virtual network interface. One better way to do what you are trying to achieve with Wireshark is to setup a VM and run the app inside the VM.

Once you find the tcp stream created by the app you can right click on the packet and choose 'Follow TCP stream'. You would have to close every other app running on your OSX to reduce the noise. Wireshark doesn't support isolating traffic for a specific app.
