Resolve network logs generation or insecure certificate error issues
Learn about possible solutions to resolve network logs generation issues or insecure certificate error issues on BrowserStack App Live.
Issue
When you run a test using BrowserStack App Live, a Failed to enable network tracking error might appear on the App Live dashboard.
Cause
BrowserStack uses mitmproxy to capture network logs. This requires the mitmproxy CA certificate to be installed on all BrowserStack remote devices. As per Android’s official docs, apps do not trust user or admin-added CAs by default. As a result, certificates issued by applications like mitmproxy are no longer accepted and these proxies are not able to capture the network traffic to produce network logs or bypass invalid certificate errors when using a self-signed certificate. This behavior is observed on the following list of devices in the BrowserStack cloud:
| Device | OS version |
|---|---|
| Samsung Galaxy S24 Ultra | 14 |
| Samsung Galaxy S24 | 14 |
| Google Pixel 8 | 14 |
| Google Pixel 8 Pro | 14 |
| Samsung Galaxy S23 | 13 |
| Samsung Galaxy S23 Ultra | 13 |
| Samsung Galaxy Tab S9 | 13 |
| Google Pixel 6 Pro | 13 |
| Google Pixel 7 | 13 |
| Google Pixel 7 Pro | 13 |
| OnePlus 11R | 13 |
| Samsung Galaxy S22 Ultra | 12 |
| Samsung Galaxy S22 Plus | 12 |
| Samsung Galaxy S22 | 12 |
| Samsung Galaxy M31 | 12 |
| Samsung Galaxy Tab S8 | 12 |
| Samsung Galaxy M32 | 11 |
| Xiaomi Redmi Note 11 | 11 |
| Vivo V21 | 11 |
| Vivo Y21 | 11 |
| Motorola Moto G71 5G | 11 |
| Xiaomi Redmi Note 9 | 10 |
| Vivo Y50 | 10 |
| Motorola Moto G9 Play | 10 |
| Huawei P30 | 9 |
Resolution
To successfully generate network logs or avoid invalid certificate errors on the devices mentioned above, your app needs to be configured to trust user-added CAs through the Network Security Configuration feature.
Please complete these 2 steps so that your app trusts user added CAs:
- Step 1: The Network Security Configuration feature uses an XML file where you specify the settings for your app. Create this file in your project directory if it is already not present, and add the following code to it:
<network-security-config>
<base-config>
<trust-anchors>
<!-- Trust preinstalled CAs -->
<certificates src="system" />
<!-- Additionally trust user added CAs -->
<certificates src="user" />
</trust-anchors>
</base-config>
</network-security-config>
- Step 2: Include the ‘android:networkSecurityConfig’ entry in the manifest of your app and set it to the path of this file. The following code excerpt from a manifest demonstrates how to create this entry:
<?xml version="1.0" encoding="utf-8"?>
<manifest ... >
<application android:networkSecurityConfig="@xml/network_security_config"
... >
...
</application>
</manifest>
- Ensure that all your apps, including the main app and any dependent apps which you might use in a session, are configured to trust user-added CAs.
- The provided resolution is only applicable for debuggable apps
Need some help?
If you need additional help, contact our Support team.
We're sorry to hear that. Please share your feedback so we can do better
Contact our Support team for immediate help while we work on improving our docs.
We're continuously improving our docs. We'd love to know what you liked
We're sorry to hear that. Please share your feedback so we can do better
Contact our Support team for immediate help while we work on improving our docs.
We're continuously improving our docs. We'd love to know what you liked
Thank you for your valuable feedback!