Reputation: 522
SSL IOWebSocketChannel with self signed cert using flutter
Can anyone help me get passed this example with a self signed cert. I need to be able to allow my users to accept a self signed cert if that is what they are using.
I am using the example from : https://flutter.io/cookbook/networking/web-sockets/
Everything works fine if ssl cert is valid or SSL is not used. Just need to get passed the self signed hump
class MyApp extends StatelessWidget {
@override
Widget build(BuildContext context) {
final title = 'WebSocket Demo';
Map headers = new Map<String,dynamic>();
headers["XXXXXX"] = "XXXX";
headers["XXXXXX"] = "13";
headers["Origin"] = "XXXXXX";
headers["Authorization"] = "XXXXXX";
return MaterialApp(
title: title,
home: MyHomePage(
title: title,
channel: IOWebSocketChannel.connect('wss://10.1.1.154:443/rest/subscribe',headers: headers),
),
);
}
}
Upvotes: 5
Views: 3560
Answers (3)
Reputation: 146
This is a great temporary fix ! it works on local ip with self signed certificate. (Please modify the badCertificateCallback to your needs)
class MyHttpOverrides extends HttpOverrides {
@override
HttpClient createHttpClient(SecurityContext? context) {
return super.createHttpClient(context)
..badCertificateCallback =
(X509Certificate cert, String host, int port) => true; // add your localhost detection logic here if you want
}
}
void main() {
HttpOverrides.global = MyHttpOverrides();
runApp(MaterialApp(home: MyApp()));
}
Upvotes: 5
Reputation: 349
To accept self-signed certificate, an user must add it to its own trusted certificate storage - ie to make explicit action.
If you use Let's Encrypt keep in mind some non-up-to-date boxes/installations must add Let's Encrypt CA to trusted storage before they can verify your certificate - also an explicit action.
Thus said, Let's Encrypt is always great choice when making anything HTTPS/TLS/... decisions.
Upvotes: 0
Reputation: 11
I don't think you will find a way to get many websocket clients to accept a self-signed certificate, and I don't see a way to do it with this specific library. It's not exactly an answer to your question, but I wanted to mention that signed certificates are available for free now (https://letsencrypt.org/). I don't know if that's an option for you and/or your users. Other than that, I am not familiar with the language so I cannot be of much help. I cannot believe that you would wish to disable validation of the certificates, though. It really seems like the best solution would be to avoid using self-signed certificates.
Upvotes: 1
Related Questions
- Flutter https with self signed certificate
- self-signed ssl certificate for websocket
- Dart upgrade client Socket to WebSocket
- Flutter: dart:io making a socket connection without using SSL (TLS) Certification
- How to send AWS iot http request from flutter app using certificates?
- SSL handshake error on self-signed cert in Flutter
- Flutter web, problem making request to a server with self signed certificate
- Flutter Websocket client ssl handshake failure
- How to do SSL pinning via self generated signed certificates in flutter?
- Using dart:io WebSocket with wss:// protocol (SSL)