Wouldn’t it be possible to MiTM the traffic assuming they’re just using asymmetrical certificates? Similar to how most businesses MiTM web traffic. You are allowed to install root CA certs on Android, so that should allow the phone to trust any certificates you present to it.
Yes, that would work but I don’t feel like setting up certificates on my phone.
Would only have to install the 1 root CA from either your CA server or a new one. Though if this phone is a daily driver I would understand the hesitation. It is possible you might not even have to if the bits that talk to Chinese servers are poorly configured and will just accept any certificate.
I bet you could fire up Kali and use Ettercap > Wireshark and just see what happens, without installing certs on the phone. Point the phone to your Kali Linux as a gateway and voila!
After a little bit of Google-fu…
I may just try this with my Pixel, though I hope / feel that Google services wouldn’t fall victim to this.