15

I'm trying to connect server with self-signed cert, but I take error:
E/flutter ( 3781): HandshakeException: Handshake error in client (OS Error:
E/flutter ( 3781): CERTIFICATE_VERIFY_FAILED: Hostname mismatch(ssl_cert.c:345))
Code, where I set cert:

String path = '/storage/sdcard0/server.crt'; SecurityContext context = new SecurityContext(); context.setTrustedCertificates(path, password: 'hello'); _client = new HttpClient(context: context);

What I'm doing wrong?

If I don't set SecurityContext, I get SSL handshake error.

Improve this question
1
  • Can you post more of your code? Commented Oct 28, 2018 at 4:31

4 Answers 4

Reset to default
13

I used HttpClient.badCertificateCallback
Here is a code to accept any cert:

_client = new HttpClient(); _client.badCertificateCallback = (X509Certificate cert, String host, int port) => true;
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

It works, but it doesn't reply to the original question. Accepting all certificates is a bad choice. I bumped into the same problem, and can't understand why setting "setTrustedCertificates" doesn't work.
I agree with @DmitriiBocharov
6

You can get a valid SSL certificate for free from https://letsencrypt.org/

Improve this answer

5 Comments

Thanks. Is there any variant to set something like "trust to all certificates" like in java?
See the other answer. I do wonder, why encrypt if you don't want security -- I can think of a few reasons, but can't tell from your question.
I'm using self-signed cert for development and in this moment no need to use real certs. HttpClient works with sites with valid certs, I have no problem with them.
@ArmenKH. which web server you use?
certbot is such an underrate tool.
2

In my case I got this error message, because I did not specify hostname when asked for Common Name, when creating self signed certificate (localhost is OK for simple tests):

$ openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout privateKey.key -out certificate.pem Country Name (2 letter code) [AU]:SI State or Province Name (full name) [Some-State]: Locality Name (eg, city) []: Organization Name (eg, company) [Internet Widgits Pty Ltd]: Organizational Unit Name (eg, section) []: Common Name (e.g. server FQDN or YOUR name) []:localhost Email Address []:
Improve this answer

Comments

0

download cert.pem

in main.dart

final ByteData data = await rootBundle.load('assets/certificates/cert.pem'); HttpOverrides.global = CustomHttpOverrides(data); runApp(...)

in CustomHttpOverrides.dart

import 'dart:io'; import 'dart:typed_data'; class CustomHttpOverrides extends HttpOverrides { ByteData data; CustomHttpOverrides(this.data); @override HttpClient createHttpClient(SecurityContext? context) { final SecurityContext clientContext = SecurityContext()..setTrustedCertificatesBytes(data.buffer.asUint8List()); return super.createHttpClient(clientContext); } }
Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.