Relic Solution: Setting up and collecting Charles trace for Android apps

What is Charles?

Charles is a desktop application HTTP proxy / HTTP monitor / Reverse Proxy that enables a developer to view all of the HTTP and SSL / HTTPS traffic between their machine and the Internet. This includes requests, responses and the HTTP headers (which contain the cookies and caching information). It’s incredibly useful for capturing the communications between services, browser, mobile apps, etc. in local dev environments.

Why is it needed?

Charles trace helps us understand what kind of payload is being sent to New Relic endpoints from your apps. This information is useful in troubleshooting issues with agent connectivity, missing partial data, or when you are seeing less traffic than expected.

Let’s see how we can set up and gather traffic from Android apps for our needs.

  1. Download and install the application from the Charles web site:

  2. Open Charles application and from menu bar Proxy > Proxy Settings > macOS
    Uncheck Enable macOS proxy. This will ignore all traffic from your laptop.

  3. Now from the menu bar Proxy > SSL Proxying Settings
    Check Enable SSL Proxying and Add the following hosts.

For US account:

For EU account:

Once set up, the setting should be as shown in the below screenshot.

  1. Now let’s add SSL certificate to the mobile device

  2. From menu bar Help > SSL Proxying > Install Charles Root Certificate on a Mobile Device or Remote Browser

  3. This window will show your IP address and port to add to your mobile device.

  4. Use this IP and port in your device/emulator settings as mentioned below.

  5. Open device/emulator settings > Networks and WiFi > WiFi
    You will notice WiFi shows connected to AndroidWifi.
    Click the Settings icon and Edit and click Advanced options.

  6. Make below changes and click Save

Proxy -> Manual
Proxy hostname -> The IP address shown in step 6.
Proxy port -> The port shown in step 6.

  1. Install Charles certificate by opening a web browser on your emulator and accessing this URL

  2. The browser may prompt you to allow it to save the certificate to disk, and then you can click to install it.

  3. Now you need to add configuration to your app in order to have it trust the SSL certificates generated by Charles SSL Proxying. This means that you can only use SSL Proxying with apps that you control.
    In order to configure your app to trust Charles, you need to add a Network Security Configuration File to your app. This file can override the system default, enabling your app to trust user installed CA certificates (e.g. the Charles Root Certificate). You can specify that this only applies in debug builds of your application, so that production builds use the default trust profile.

Add a file app/src/main/res/xml/network_security_config.xml to your app with below content:

     <!-- Trust user added CAs while debuggable only -->
     <certificates src="user" />
  1. Then add a reference to this file in your app’s manifest, as follows:

        <application android:networkSecurityConfig="@xml/network_security_config">

That’s it!! Now Debug run your app which has New Relic Android agent installed and take it to background and foreground and generate a few crash scenarios if you can. You should be able to see New Relic endpoints in Charles UI as shown below.


And the same can be exported and shared with us by right-clicking on the endpoints.