Dio: https over self-signed certificate

Created on 17 Jul 2018  路  12Comments  路  Source: flutterchina/dio

'CERTIFICATE_VERIFY_FAILED' exception is thrown, when connection to server with self-signed certificate.

var url = 'https://jsonplaceholder.typicode.com/posts/1';
Dio dio = new Dio();
await dio.get(url).then((response){
  print(response.data);
}).catchError((err){
   print(err);
});

Most helpful comment

(dio.httpClientAdapter as DefaultHttpClientAdapter).onHttpClientCreate = (HttpClient client) {
    client.badCertificateCallback = (X509Certificate cert, String host, int port) => true;
    return client;
};

All 12 comments

You should create a SecurityContext object to trust your certificate in onHttpClientCreate callback, for examples:

  dio.onHttpClientCreate = (HttpClient client) {
    // create a `SecurityContext` instance to trust you certificate
    return HttpClient(securityContext)
  };

More about SecurityContext please refer to dart doc -SecurityContext

Consider adding support for badCertificateCallback.

 HttpClient httpClient = new HttpClient()
      ..badCertificateCallback =
      ((X509Certificate cert, String host, int port) => trustSelfSigned);

perhaps as an option to the constructor:

new Dio({acceptSelfSignedCert: false})

it doesn't seem like onHttpClientCreate() is ever reached:

    Dio dio = new Dio();
    dio.onHttpClientCreate = (HttpClient client) {
      print('onHttpClientCreate entered...');  // this code is never reached
      client.badCertificateCallback = (X509Certificate cert, String host, int port) => true;
      return client;
    };

   Response<String> response=await dio.get(url);  //CERTIFICATE_VERIFY_FAILED:ok

Are you sure? I have run the code as follows:

    dio.onHttpClientCreate = (HttpClient client) {
      print("dio xxxx");
      client.badCertificateCallback =
          (X509Certificate cert, String host, int port) {
        return true;
      };
    };

Console log

I/flutter (18963): dio xxxx

Which version of dio do you use? 0.1.3?

Yes, It never ran on my box.
It's a little weird.

I've submitted a pull request to support self-signed certs.
https://github.com/flutterchina/dio/pull/33

Please consider. This works.
Another option would be to allow one to pass the entire callback, instead of setting trustSelfSignedCerts to true.

Great plugin btw!!

@wendux I created a new project and was able to confirm dio.onHttpClientCreate() ran successfully.
I'll have to figure out why it wasn't triggered in the first project, bu the problem seems to be local.

Using version 0.1.3
FYI

@pepie Ok, May you overwrite OnHttpClientCreate callback somewhere ?

I'm guessing that's the case.
I'll send an update if I discover anything strange.
Thanks!

what about this issuse ?

It seems that @pepie found a solution (check https://github.com/flutterchina/dio/pull/33 ). Should this issue be closed? Does this specific case need to be documented?

:octocat: From gitme Android

Closing this issue since a solution was found.
class MyHttpOverrides extends HttpOverrides{
@override
HttpClient createHttpClient(SecurityContext context){
HttpClient client= super.createHttpClient(context); //<<--- notice 'super'
client.badCertificateCallback = (X509Certificate cert, String host, int port)=> true;
return client;
}
}

void main(){
HttpOverrides.global = new MyHttpOverrides();
runApp(new App());
}

(dio.httpClientAdapter as DefaultHttpClientAdapter).onHttpClientCreate = (HttpClient client) {
    client.badCertificateCallback = (X509Certificate cert, String host, int port) => true;
    return client;
};
Was this page helpful?
0 / 5 - 0 ratings

Related issues

rrifafauzikomara picture rrifafauzikomara  路  5Comments

lazarvgd picture lazarvgd  路  4Comments

Dmitry-N-Medvedev picture Dmitry-N-Medvedev  路  3Comments

skybur picture skybur  路  4Comments

HelgeSverre picture HelgeSverre  路  6Comments