15

A colleague has given me a Flutter project to try to build the app in iOS (I use a Mac, we both use Android Studio). Everything is ok except for this error: 

Handshake error in client (OS Error: CERTIFICATE_VERIFY_FAILED: ok(handshake.cc:363))

If I use HTTP instead of HTTPS it works obviously. My colleague said he solved by adding this line of code: 

client.badCertificateCallback = (X509Certificate cert, String host, int port) => true;

This line of code is also in my project because the source is the same. So why does it work on Android, but not on iOS?

Improve this question

7 Answers 7

Reset to default
23

best way for ssl certification problem on all http requests

it is work on both platform (android & ios)

class MyHttpOverrides extends HttpOverrides{ @override HttpClient createHttpClient(SecurityContext context){ return super.createHttpClient(context) ..badCertificateCallback = (X509Certificate cert, String host, int port)=> true; } } void main(){ HttpOverrides.global = new MyHttpOverrides(); runApp(new MyApp()); }
Improve this answer
Sign up to request clarification or add additional context in comments.

5 Comments

Isn't it a security failure?
This doesn't seem to work for me, unfortunately. ServerException(originalException: HandshakeException: Handshake error in client (OS Error: WRONG_VERSION_NUMBER(tls_record.cc:242)), parsedResponse: null)
'MyHttpOverrides.createHttpClient' ('HttpClient Function(SecurityContext)') isn't a valid override of 'HttpOverrides.createHttpClient' ('HttpClient Function(SecurityContext?)').
for those who are facing issues to override, just use (SecurityContext? context) instead of (SecurityContext context)
You should really explain what this does, which is to remove all security protections against person-in-the-middle attacks.
12

Old question but my solution was to ensure the time/date set correctly on client

Improve this answer

Comments

2
  1. Download cert from https://letsencrypt.org/certs/lets-encrypt-r3.pem
  2. Add this file to assets/ca/ Flutter project root directory
  3. Add assets/ca/ assets directory in pubspec.yaml
  4. Add this code on your app initialization:
 WidgetsFlutterBinding.ensureInitialized(); ByteData data = await PlatformAssetBundle().load('assets/ca/lets-encrypt-r3.pem'); SecurityContext.defaultContext.setTrustedCertificatesBytes(data.buffer.asUint8List()); runApp(MyApp()); }
Improve this answer

1 Comment

This is the right way of dealing with the problem, not bypasing the certificate problem! Good answer and should be the one marked as correct.
1

I've found a secure way to do this.
use this code below:

class MyHttpOverrides extends HttpOverrides{ @override HttpClient createHttpClient(SecurityContext context){ return super.createHttpClient(context) ..badCertificateCallback = (X509Certificate cert, String host, int port) { if(host == "yourHost"){ return true; }else{ return false; } } } }

inside main():

HttpOverrides.global = new MyHttpOverrides();
Improve this answer

1 Comment

This is absolutely not secure! You can set the host to whatever you want in a bad certificate!
0

Simply use http, not https in your URL string.

Improve this answer

1 Comment

This does not provide an answer to the question. Once you have sufficient reputation you will be able to comment on any post; instead, provide answers that don't require clarification from the asker. - From Review
-3

this should work on ios if you have added this line 

client.badCertificateCallback = (X509Certificate cert, String host, int port) => true;

so double check that you are using the same instance of the client for your request, and that you are making the request after you set the badCertificateCallback parameter

Improve this answer

Comments

-4

Check your https certificate that you are using, i think iOS has more strict measures than android when it comes to https connection. To be on the safe side, try to update your server certificate.

Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.