I'd also love to know if there's a solution for this problem!

bitexploder · on Nov 22, 2017

There is. It depends on the mobile OS and device.

We deal with this routinely. Solutions tend to vary.

On iOS just use SSL kill switch (if you are jailbroken). If you are not jailbroken you don't have a lot of options. On Android there are some well documented approaches. Usually decompiling the app and adding to the local app's cert store will work and then rearchive and sign it.

Function hooking key network calls can work as well. It is pretty much required that if you want to do serious tinkering or assessment you need a jailbroken or rooted device. This can be a significant effort investment, but once done is generally reliable.