Reputation: 133
Handshake error in client (OS Error: TLSV1_ALERT_PROTOCOL_VERSION(tls_record.cc:586) in flutter app when trying to do a post/get request
I have Node.js rest APIs, which I am using in my flutter app to do requests accordingly, but when I tried to do the same I am getting an exception that is:
Exception has occurred.
HandshakeException (HandshakeException: Handshake error in client (OS Error: TLSV1_ALERT_PROTOCOL_VERSION(tls_record.cc:586)))
I am doing the request with the http client like:
import 'package:http/http.dart' as http;
const _baseUrl = https://domain.in/api/
http.Response response = await http.post(
_baseUrl + 'user/login',
body: json.encode(_authData),
headers: {'Content-Type': 'application/json'},
).catchError((onError){
print(onError);
});
It was working with http but it is not working with https.
Upvotes: 4
Views: 4673
Answers (2)
Reputation: 994
This is a server side error because of your nginx ssl configuration.
ssl_protocols line in your /etc/nginx/nginx.conf file should look like this :
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
If you use extra file for your ssl settings in /etc/nginx/sites-enabled/default or yourdomain file in same path, for example a file called ssl-params.conf, add ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; line in this file too.
This is part of my /etc/nginx/sites-enabled/default file:
server {
#Enable HTTP/2
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name domain.net www.domain.net;
# Use the Let's Encrypt certificates
ssl_certificate /etc/letsencrypt/live/domain.net/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/domain.net/privkey.pem;
#Include the SSL configuration from cipherli.st
include snippets/ssl-params.conf; // <- !pay attention this line
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://localhost:5000/;
proxy_ssl_session_reuse off;
proxy_set_header Host $http_host;
proxy_cache_bypass $http_upgrade;
proxy_redirect off;
}
}
This is my /etc/nginx/snippets/ssl-params.conf file:
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
ssl_ciphers EECDH+AESGCM:EDH+AESGCM;
ssl_ecdh_curve secp384r1; # Requires nginx >= 1.1.0
ssl_session_timeout 10m;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off; # Requires nginx >= 1.5.9
ssl_stapling on; # Requires nginx >= 1.3.7
ssl_stapling_verify on; # Requires nginx => 1.3.7
resolver 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 5s;
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
And this is ssl_protocols line in my /etc/nginx/nginx.conf
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
This settings solved my problem. I hope helps others too.
Upvotes: 1
Reputation: 515
I went through the same problem. The problem was with the server-side ssl certificate. I changed the request from https to http.
Upvotes: 1
Related Questions
- Why i'm getting WRONG_VERSION_NUMBER when making a POST request to a HTTPS Server?
- How to solve Flutter CERTIFICATE_VERIFY_FAILED error while performing a POST request?
- Flutter HTTPS Handshake error in client (OS Error: CERTIFICATE_VERIFY_FAILED: ok(handshake.cc:363))
- Flutter app cannot make socket connection with certificate handshake error CERTIFICATE_VERIFY_FAILED
- Unhandled Exception: HandshakeException: Handshake error in client (OS Error: CERTIFICATE_VERIFY_FAILED: certificate has expired(handshake.cc:393))
- error : Bad state: Insecure HTTP is not allowed by platform in flutter
- How to solve insecure http not allowed by platform flutter?
- Flutter Websocket client ssl handshake failure
- Exception happens on http GET request to both http and https API server in flutter web app
- Error: Specified protocol was not requested by the client. Flutter and Node Web Socket