On a fresh install of Flutter, JDK, and Android Studio 3.5.3, Flutter always runs into an error when trying to build for an Android app. During the Gradle task "assembleDebug", it runs into an sslHandshakeException. I'm wondering how to disable certificate verification so that it can still run (assume I don't care about the security issues this raises). I believe this needs to go through the Java JDK.
Additional context:
- MacBook Pro running macOS Big Sur 11.4
- Flutter 2.2.3
flutter doctor -voutput:
% flutter doctor -v
[✓] Flutter (Channel stable, 2.2.3, on macOS 11.4 20F71 darwin-x64, locale en)
• Flutter version 2.2.3 at /usr/local/Caskroom/flutter/2.2.3/flutter
• Framework revision f4abaa0735 (12 days ago), 2021-07-01 12:46:11 -0700
• Engine revision 241c87ad80
• Dart version 2.13.4
[✓] Android toolchain - develop for Android devices (Android SDK version 30.0.3)
• Android SDK at /Users/peternielsen/Library/Android/sdk
• Platform android-S, build-tools 30.0.3
• Java binary at: /Applications/Android
Studio.app/Contents/jre/jdk/Contents/Home/bin/java
• Java version OpenJDK Runtime Environment (build
1.8.0_202-release-1483-b49-5587405)
• All Android licenses accepted.
[✓] Xcode - develop for iOS and macOS
• Xcode at /Applications/Xcode.app/Contents/Developer
• Xcode 12.5.1, Build version 12E507
• CocoaPods version 1.10.1
[✓] Chrome - develop for the web
• Chrome at /Applications/Google Chrome.app/Contents/MacOS/Google Chrome
[✓] Android Studio (version 3.5)
• Android Studio at /Applications/Android Studio.app/Contents
• Flutter plugin version 44.0.1
• Dart plugin version 191.8593
• Java version OpenJDK Runtime Environment (build
1.8.0_202-release-1483-b49-5587405)
[✓] VS Code (version 1.57.1)
• VS Code at /Applications/Visual Studio Code.app/Contents
• Flutter extension version 3.24.0
[✓] Connected device (2 available)
• Android SDK built for x86 (mobile) • emulator-5554 • android-x86 •
Android 8.1.0 (API 27) (emulator)
• Chrome (web) • chrome • web-javascript •
Google Chrome 91.0.4472.114
• No issues found!
- Error output from
flutter run:
% flutter run
Using hardware rendering with device Android SDK built for x86. If you notice
graphics artifacts, consider enabling software rendering with
"--enable-software-rendering".
Launching lib/main.dart on Android SDK built for x86 in debug mode...
FAILURE: Build failed with an exception.
* What went wrong:
A problem occurred configuring root project 'android'.
> Could not resolve all artifacts for configuration ':classpath'.
> Could not resolve com.android.tools.build:gradle:4.1.0.
Required by:
project :
> Could not resolve com.android.tools.build:gradle:4.1.0.
> Could not get resource 'https://dl.google.com/dl/android/maven2/com/android/tools/build/gradle/4.1.0/gradle-4.1.0.pom'.
> Could not GET 'https://dl.google.com/dl/android/maven2/com/android/tools/build/gradle/4.1.0/gradle-4.1.0.pom'.
> sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
* Try:
Run with --stacktrace option to get the stack trace. Run with --info or --debug option to get more log output. Run with --scan to get full insights.
* Get more help at https://help.gradle.org
BUILD FAILED in 3s
Running Gradle task 'assembleDebug'...
Running Gradle task 'assembleDebug'... Done 4.3s
Exception: Gradle task assembleDebug failed with exit code 1
I don't know why it's doing the error, I just need a way to disable the SSL Certificate Verification for Flutter.
Note that this question is similar, however it asks how to disable it within Flutter code that pulls from a server and my problem needs to stop Java from doing it when a Flutter app is run.
Thanks in advance.
EDIT:
% keytool -importcert -file ~/Downloads/google.cer -alias google -keystore $JAVA_HOME/jre/lib/security/cacerts
Enter keystore password:
Re-enter new password:
Owner: CN=*.google.com
Issuer: CN=Qustodio Protection CA, OU=Qustodio, O=Qustodio LLC, L=Barcelona, ST=Barcelona, C=ES
Serial number: cd639bb2
Valid from: Tue Jun 22 06:37:09 PDT 2021 until: Tue Sep 14 06:37:08 PDT 2021
Certificate fingerprints:
SHA1: B3:A2:BF:28:62:78:E3:EE:2F:6D:1A:04:C8:3F:83:E2:EA:A8:C0:95
SHA256: A4:CC:97:CC:FB:2B:67:40:F4:17:EC:D2:78:5D:AA:CB:1F:ED:C8:E7:01:85:3E:8A:9F:09:05:51:2A:25:F0:E4
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3
Extensions:
#1: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
serverAuth
]
#2: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
]
#3: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
DNSName: *.google.com
DNSName: *.appengine.google.com
DNSName: *.bdn.dev
DNSName: *.cloud.google.com
DNSName: *.crowdsource.google.com
DNSName: *.datacompute.google.com
DNSName: *.google.ca
DNSName: *.google.cl
DNSName: *.google.co.in
DNSName: *.google.co.jp
DNSName: *.google.co.uk
DNSName: *.google.com.ar
DNSName: *.google.com.au
DNSName: *.google.com.br
DNSName: *.google.com.co
DNSName: *.google.com.mx
DNSName: *.google.com.tr
DNSName: *.google.com.vn
DNSName: *.google.de
DNSName: *.google.es
DNSName: *.google.fr
DNSName: *.google.hu
DNSName: *.google.it
DNSName: *.google.nl
DNSName: *.google.pl
DNSName: *.google.pt
DNSName: *.googleadapis.com
DNSName: *.googleapis.cn
DNSName: *.googlevideo.com
DNSName: *.gstatic.cn
DNSName: *.gstaticcnapps.cn
DNSName: googlecnapps.cn
DNSName: *.googlecnapps.cn
DNSName: gkecnapps.cn
DNSName: *.gkecnapps.cn
DNSName: googledownloads.cn
DNSName: *.googledownloads.cn
DNSName: recaptcha.net.cn
DNSName: *.recaptcha.net.cn
DNSName: widevine.cn
DNSName: *.widevine.cn
DNSName: ampproject.org.cn
DNSName: *.ampproject.org.cn
DNSName: ampproject.net.cn
DNSName: *.ampproject.net.cn
DNSName: google-analytics-cn.com
DNSName: *.google-analytics-cn.com
DNSName: googleadservices-cn.com
DNSName: *.googleadservices-cn.com
DNSName: googlevads-cn.com
DNSName: *.googlevads-cn.com
DNSName: googleapis-cn.com
DNSName: *.googleapis-cn.com
DNSName: googleoptimize-cn.com
DNSName: *.googleoptimize-cn.com
DNSName: doubleclick-cn.net
DNSName: *.doubleclick-cn.net
DNSName: *.fls.doubleclick-cn.net
DNSName: *.g.doubleclick-cn.net
DNSName: dartsearch-cn.net
DNSName: *.dartsearch-cn.net
DNSName: googletraveladservices-cn.com
DNSName: *.googletraveladservices-cn.com
DNSName: googletagservices-cn.com
DNSName: *.googletagservices-cn.com
DNSName: googletagmanager-cn.com
DNSName: *.googletagmanager-cn.com
DNSName: googlesyndication-cn.com
DNSName: *.googlesyndication-cn.com
DNSName: *.safeframe.googlesyndication-cn.com
DNSName: app-measurement-cn.com
DNSName: *.app-measurement-cn.com
DNSName: gvt1-cn.com
DNSName: *.gvt1-cn.com
DNSName: gvt2-cn.com
DNSName: *.gvt2-cn.com
DNSName: 2mdn-cn.net
DNSName: *.2mdn-cn.net
DNSName: googleflights-cn.net
DNSName: *.googleflights-cn.net
DNSName: admob-cn.com
DNSName: *.admob-cn.com
DNSName: *.gstatic.com
DNSName: *.metric.gstatic.com
DNSName: *.gvt1.com
DNSName: *.gcpcdn.gvt1.com
DNSName: *.gvt2.com
DNSName: *.gcp.gvt2.com
DNSName: *.url.google.com
DNSName: *.youtube-nocookie.com
DNSName: *.ytimg.com
DNSName: android.com
DNSName: *.android.com
DNSName: *.flash.android.com
DNSName: g.cn
DNSName: *.g.cn
DNSName: g.co
DNSName: *.g.co
DNSName: goo.gl
DNSName: www.goo.gl
DNSName: google-analytics.com
DNSName: *.google-analytics.com
DNSName: google.com
DNSName: googlecommerce.com
DNSName: *.googlecommerce.com
DNSName: ggpht.cn
DNSName: *.ggpht.cn
DNSName: urchin.com
DNSName: *.urchin.com
DNSName: youtu.be
DNSName: youtube.com
DNSName: *.youtube.com
DNSName: youtubeeducation.com
DNSName: *.youtubeeducation.com
DNSName: youtubekids.com
DNSName: *.youtubekids.com
DNSName: yt.be
DNSName: *.yt.be
DNSName: android.clients.google.com
DNSName: developer.android.google.cn
DNSName: developers.android.google.cn
DNSName: source.android.google.cn
]
Trust this certificate? [no]: yes
Certificate was added to keystore
keytool error: java.io.FileNotFoundException: /jre/lib/security/cacerts (No such file or directory)
