How to post data to https server in dart?

Question

So i was building an application in flutter and I came across a problem. I need to post JSON data to a https server. Since the application is currently under development so we are using Self-Signed Certificate.

How can I achieve this in dart language?

Below is the code which I use to make single post request to the web server over http, but whenever I replace the http with https(Self Signed) I get an error:

HandshakeException: Handshake error in client (OS Error: CERTIFICATE_VERIFY_FAILED: self signed certificate(handshake.cc:355))

 var url = 'http://192.168.1.40/registration.php'; //or https
 var data = {"email":"yyyy@xx.com","name":"xyz"};

 http.post(url, body:data)
     .then((response) {
   print("Response status: ${response.statusCode}");
   print("Response body: ${response.body}");
 }).catchError((error) => print(error.toString()));

I am pretty new to Flutter and Dart please help me out. Suggestions will be welcomed.

There are two different HTTP clients: dart:io and package:http. Which are you using? Where are you stuck? the JSON bit, the posting bit, or the certificate trust bit? Maybe show your code and share what isn't working. — Richard Heap, Apr 15 '18 at 11:44
I am working with package:http. How can I use the self signed certificate bypassing the verification ? Changes had been made to the question with code. — Rishabh Kumar, Apr 15 '18 at 19:21

score 13 · Accepted Answer · answered Apr 16 '18 at 00:50

http.post is a convenience wrapper which creates a IOClient under the hood. You can pass your own io HttpClient to this, and that has a way to disable the certificate checks, so you just have to construct them yourself like this...

  bool trustSelfSigned = true;
  HttpClient httpClient = new HttpClient()
    ..badCertificateCallback =
        ((X509Certificate cert, String host, int port) => trustSelfSigned);
  IOClient ioClient = new IOClient(httpClient);
  ioClient.post(url, body:data);

  // don't forget to call ioClient.close() when done
  // note, this also closes the underlying HttpClient

the bool trustSelfSigned controls whether you get the default behaviour or allows bad certificates.

forgot to say: you will need to import dart:io to get HttpClient — Richard Heap, Apr 16 '18 at 00:56
There is some change in http package, need to import 'package:http/io_client.dart' to get access to IOClient. — Favas Kv, Jun 26 '19 at 12:11

score 3 · Answer 2 · answered Feb 01 '20 at 18:31

best way for ssl certification problem on all http request

class MyHttpOverrides extends HttpOverrides{
  @override
  HttpClient createHttpClient(SecurityContext context){
    return super.createHttpClient(context)
      ..badCertificateCallback = (X509Certificate cert, String host, int port)=> true;
  }
}

void main(){
    HttpOverrides.global = new MyHttpOverrides();
    runApp(new MyApp());
}

score 0 · Answer 3 · answered Apr 15 '18 at 09:27

You could try adding the self signed certificate to your device. I know IOS is really picky when it comes to certificates. But for development environments I would use just normal HTTP calls. Another thing you can do if the server has it's own domain name (Global. Not local) is using Certbot. Free SSL certificates for all your projects. And the setup is really easy and fast.

score 0 · Answer 4 · answered Sep 11 '19 at 22:12

If you are looking to use bypass certificates whether for web or mobile, look at this answer: https://stackoverflow.com/a/57801629/4458708. In summary,

import 'dart:io';
import 'package:http/io_client.dart' as ioclient;

var _httpClient = HttpClient();
_httpClient.badCertificateCallback = ((X509Certificate cert, String host, int port) => true);
var _ioClient = ioclient.IOClient(_httpClient);

and use _ioClient in your requests.

How to post data to https server in dart?

4 Answers4

Linked