Proxy & HTTPS / certificates

DevPeek runs a local proxy; point clients at your machine’s proxy port to aggregate traffic. For HTTPS you must enable SSL proxy and install and trust the DevPeek root CA on every client; otherwise capture details rarely show usable plaintext, and features that depend on request/response bodies—breakpoints, resend, page debugging—will be largely ineffective on HTTPS.

Recording

Once clients trust the DevPeek root CA and hosts sit on the SSL allowlist, start recording under the Proxy menu (or equivalent). You can pause refresh for an individual client tab. Only then will decrypted headers/bodies appear so that breakpoints, scripts, and resend can work on HTTPS; without those prerequisites, raw CONNECT tunnels may stay opaque and page debugging lacks reliable HTTPS context.

System proxy

The same menu can set DevPeek as the system proxy (or clear it). Mobile devices usually need manual Wi‑Fi proxy settings with your computer’s IP and port.

Enable SSL proxy

Turn on SSL proxy in the menu, then edit rules in the SSL proxy configuration dialog: only matching hosts are decrypted; * means all; you can use *.example.com or keyword patterns like *api*. Non-matching connections stay as passthrough tunnels. Read this together with Certificate manager: clients must trust the local CA or allowlisted HTTPS will not become usable plaintext for capture and debugging.

Certificate manager

Read this first: installing and trusting the root CA is a prerequisite for HTTPS capture and debugging

Plaintext HTTPS in DevPeek relies on a controlled MITM for allowed hosts; the chain must anchor to the DevPeek root CA issued/exported on your machine. Without trust, handshakes fail, apps refuse to connect, or traffic stays as opaque CONNECT—you may still see rows without decrypted headers or bodies. Without usable HTTPS plaintext, inspecting headers/bodies, breakpoints, resend, global scripts, and injected page debugging are severely limited or impossible.

Treat certificate install + trust as an early setup step, and repeat it in every environment that sends traffic through DevPeek: desktop OS, VMs/containers, remote shells, and phones/tablets each have their own trust store. Trusting only the laptop while a phone is proxied still breaks HTTPS on the phone. Avoid keeping a debug CA on daily-driver devices.

The sections below cover Windows and mobile clients. In DevPeek, open Certificate manager to install/trust the root CA on this machine, export files, or share a LAN QR code / download link so other devices can fetch the certificate over the LAN (exact labels depend on your build). Keep the QR window open until clients finish downloading the cert.

Windows

Windows splits Current User vs Local Machine stores; most browsers read the Trusted Root Certification Authorities store. Prefer DevPeek’s guided or one-click install to avoid picking the wrong store.

  1. Open Certificate manager in DevPeek and follow the UI to install the root CA into the system (choose Trusted Root Certification Authorities when prompted).
  2. Verify the cert lands under Trusted Root Certification Authorities, not Personal—otherwise browsers may still reject the proxied chain.
  3. If the chain looks incomplete or AV/policy blocks writes, re-export/reinstall or run the import elevated per your org policy.
  4. Restart browsers, terminals, and IDE HTTP clients after import—many processes only load the trust store at startup.
  5. With SSL allowlisting enabled, hit an https site and confirm DevPeek now shows decrypted plaintext for that host.

With WSL, RDP, or nested proxies, install trust where TLS is actually initiated; otherwise you may see “works on the host, fails in the container.”
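
One way to carry out the check in step 2 from PowerShell, as an added example that is not DevPeek's own tooling: it lists every store holding a matching certificate and flags copies outside Trusted Root, stale duplicates, and a mismatch with the exported file. The subject filter `*DevPeek*` and the `$ExportedCer` path are assumptions; use the name and file shown in your Certificate manager.

```powershell
# Added example: audit where the DevPeek root CA is installed on this Windows host.
# Assumptions: the CA subject contains "DevPeek"; $ExportedCer is a hypothetical
# path to the certificate file exported from Certificate manager (optional).
param(
    [string]$SubjectLike = '*DevPeek*',
    [string]$ExportedCer = ''
)

# Check both scopes: Trusted Root (Root), Intermediate (CA) and Personal (My).
$stores = 'Root', 'CA', 'My' | ForEach-Object {
    "Cert:\CurrentUser\$_"; "Cert:\LocalMachine\$_"
}

# Thumbprint of the exported file, so the installed CA can be tied to this machine's export.
$expected = $null
if ($ExportedCer -and (Test-Path -LiteralPath $ExportedCer)) {
    $path = (Resolve-Path -LiteralPath $ExportedCer).Path
    $expected = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($path).Thumbprint
}

$hits = foreach ($store in $stores) {
    Get-ChildItem -Path $store -ErrorAction SilentlyContinue |
        Where-Object { $_.Subject -like $SubjectLike } |
        ForEach-Object {
            [pscustomobject]@{
                Store       = $store
                Subject     = $_.Subject
                Thumbprint  = $_.Thumbprint
                NotAfter    = $_.NotAfter
                InRootStore = $store -like '*\Root'
                MatchesFile = if ($expected) { $_.Thumbprint -eq $expected } else { $null }
            }
        }
}

if (-not $hits) { Write-Warning "No certificate matching $SubjectLike in any checked store."; return }
$hits | Format-Table -AutoSize

# Wrong store: Personal or Intermediate does not make the CA a trust anchor.
$hits | Where-Object { -not $_.InRootStore } |
    ForEach-Object { Write-Warning "$($_.Thumbprint) sits in $($_.Store), not Trusted Root." }
# Installed CA differs from the exported file: likely a leftover from an earlier install.
$hits | Where-Object { $_.MatchesFile -eq $false } |
    ForEach-Object { Write-Warning "$($_.Thumbprint) in $($_.Store) does not match $ExportedCer." }
# More than one distinct debug CA trusted as root: remove the ones no longer in use.
$roots = @($hits | Where-Object InRootStore | Select-Object -ExpandProperty Thumbprint -Unique)
if ($roots.Count -gt 1) { Write-Warning "$($roots.Count) different matching CAs are trusted as roots." }
```

When a test session ends, the same thumbprint identifies the entry to delete with `Remove-Item` on its `Cert:\` path, which keeps the debug CA off machines used for everyday browsing.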

macOS / Linux desktop

DevPeek for macOS and Linux is coming soon. Run DevPeek on Windows for now; for phone traffic, see the mobile certificate sections below.

Mobile (iOS / Android)

After fetching the file via DevPeek’s LAN QR / download link, you must complete both install and explicit root trust in Settings—downloading alone is not enough.

iOS

  1. Open the QR/download link in Safari and install the profile/cert (stay on the same Wi‑Fi; keep the DevPeek download session alive).
  2. Settings → General → VPN & Device Management (or Profiles) → install the downloaded profile.
  3. Settings → General → About → Certificate Trust Settings → enable full trust for the new root CA.
  4. With Wi‑Fi proxy pointing at DevPeek, browse https in Safari and confirm DevPeek shows decrypted traffic for allowlisted hosts.

Android

  1. Under Security / Encryption & credentials (names vary), use Install certificates → CA certificate and pick the file from DevPeek.
  2. Android 7+ may ignore user CAs for apps with network security config; use debuggable builds, emulators, or test devices when you need user CA trust.
  3. Some OEMs require a lock screen PIN/password before importing; verify the CA appears under trusted credentials.
  4. Point Wi‑Fi proxy at DevPeek, browse https, and confirm decryption in the capture list.

Mobile HTTPS failures often look like “app cannot reach network” or certificate warnings—different from a wrong proxy port. If HTTP works but HTTPS fails, re-check CA trust and the SSL allowlist first.

Throttling

Toggle throttling in the menu; edit RTT (ms, split across request/response) and up/down bandwidth (kbps, 0 = unlimited) in Throttling configuration. Throttling applies to proxied HTTP/HTTPS traffic; debug preview can reuse the same presets.

Only decrypt where you are authorized; installing a custom CA is risky—use dedicated test devices.