2

I wonder how can I setup ssl for http(http: ^0.12.0) package in Flutter, without migrating to dart:io.

Currently I'm using:

http.Client httpClient = http.Client();

and I do not see any options there to setup ssl.

Do I have to use 

final SecurityContext context = SecurityContext.defaultContext;
HttpClient client = HttpClient(context);

from dart:io?

Mark Rotteveel
  • 100,966
  • 191
  • 140
  • 197
jelenap
  • 501
  • 6
  • 18
  • AFAIK, it should Just Work. What are you having trouble with? – grooveplex Feb 02 '19 at 10:54
  • I'm getting HandshakeException: Handshake error in client (OS Error: CERTIFICATE_VERIFY_FAILED: unable to get local issuer certificate(handshake.cc:352)) In order to migrate to dart:io, I would have to refactor some portion of code, and I would avoid that if I can :) – jelenap Feb 02 '19 at 10:54
  • Possible duplicate of [How to do SSL pinning via self generated signed certificates in flutter?](https://stackoverflow.com/questions/51323603/how-to-do-ssl-pinning-via-self-generated-signed-certificates-in-flutter) – Richard Heap Feb 02 '19 at 11:33

1 Answers1

0

You can create a HttpOverride to make the Client ignore bad certificates as mentioned on this GitHub issue ticket. This is only recommended to be used in development builds.

class DevHttpOverrides extends HttpOverrides {
  @override
  HttpClient createHttpClient(SecurityContext? context) {
    return super.createHttpClient(context)
        ..badCertificateCallback = (X509Certificate cert, String host, int port) => true;
  }
}

Then initialize the HttpOverride to be used.

HttpOverrides.global = DevHttpOverrides();
Omatt
  • 8,564
  • 2
  • 42
  • 144