Hello.
A 'CERTIFICATE_VERIFY_FAILED' exception is thrown, when connect to a server with a self-signed certificate.
Consider switching to HttpClient
and supporting 'BadCertificateCallback'.
Thanks for using our library. We do not plan to support self signed certificates in our package, because It’s encryption is less secure, due to the lack a certificate authority.
We are currently implementing a modular approach for transport layers. Giving you the option to implement your own transport links.
If you plan to use self-signed certificates, I suggest you wait until we finish up that pull request. And if you want to speed up things, you could write some commits and push them to the PR.
Hope that helped!
Thanks for the feedback.
Re: "Thanks for using our library. We do not plan to support self signed certificates in our package, because It’s encryption is less secure, due to the lack a certificate authority."
Using a self-signed certificate is common in development environments, so having that flexibility would make it easier to implement/test while with https. Many developers don't use 3rd-Party certificate authorities.
i agree
this tool does it easily for you
github.com/FiloSottile/mkcert
On Fri, 27 Jul 2018 at 18:56 pepie notifications@github.com wrote:
Thanks for the feedback.
Re: "Thanks for using our library. We do not plan to support self signed
certificates in our package, because It’s encryption is less secure, due to
the lack a certificate authority."Using a self-signed certificate is common in development environments, so
having that flexibility would make it easier to implement/test while with
https. Many developers don't use 3rd-Party certificate authorities.—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
https://github.com/zino-app/graphql-flutter/issues/40#issuecomment-408478133,
or mute the thread
https://github.com/notifications/unsubscribe-auth/ATuCwm60PMeb--DpreCO27Fe921iGHctks5uK0ZUgaJpZM4VaZJR
.
@pepie Thanks for pointing that out.
We probably won't be working on this feature ourselves, because our team uses a wildcard certs on the staging domains. Since this might be useful for a few developers, we would be happy to merge a good PR. If you need some help we're happy to give some pointers.
Hello, all! I'm sorry if I'm resurrecting a 'zombie thread' here but I just wanted to add how to work around this in case anyone is having trouble with this:
From the client class in examples:
GraphQLClient client() {
// Workaround for self-signed certificate execption (to be used in dev mode only)
HttpClient _httpClient = new HttpClient()
_httpClient.badCertificateCallback = (X509Certificate cert, String host, int port) => true;
IOClient _ioClient = new IOClient(_httpClient);
// Link to the GraphQL Endpoint
final HttpLink _httpLink = HttpLink(
uri: 'https://api.github.com/graphql',
httpClient: _ioClient
);
// Authentication header (if needed)
final AuthLink _authLink = AuthLink(
getToken: () async => 'Basic $PERSONAL_ACCESS_TOKEN',
);
final Link _link = _authLink.concat(_httpLink as Link);
return GraphQLClient(
cache: InMemoryCache(storageProvider: () {}),
link: _link,
);
}
That's it! Worked for me :)
P.S.: If there's a better/more optimal way of doing this, feel free to edit my comment or remove it if it shouldn't be here!
Most helpful comment
Hello, all! I'm sorry if I'm resurrecting a 'zombie thread' here but I just wanted to add how to work around this in case anyone is having trouble with this:
From the client class in examples:
That's it! Worked for me :)
P.S.: If there's a better/more optimal way of doing this, feel free to edit my comment or remove it if it shouldn't be here!