Self-signed cert for gRPC on Flutter

There doesn't seem to be an obvious solution on iOS for adding a trusted, self-signed root CA. Since production will likely have a publicly trusted CA, you can work around this by disabling TLS verification for development only.

Here's the relevant snippet of my full example repo:

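import 'dart:convert'; // utf8
import 'package:flutter/services.dart' show rootBundle;
import 'package:grpc/grpc.dart';

Future<ClientChannel> makeChannel() async {
  // Development CA certificate shipped as a Flutter asset (PEM text).
  final caCert = await rootBundle.loadString('assets/pki/ca/ca.crt');

  return ClientChannel(
    'localhost',
    port: 13100,
    options: ChannelOptions(
      credentials: ChannelCredentials.secure(
        certificates: utf8.encode(caCert),

        // --- WORKAROUND FOR SELF-SIGNED DEVELOPMENT CA ---
        // Returning true accepts a certificate that failed verification;
        // this is limited to the local development endpoint.
        onBadCertificate: (certificate, host) => host == 'localhost:13100',
      ),
    ),
  );
}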

In this case, my server is listening on localhost:13100.

Author by

Niki Yoshiuchi


Updated on December 17, 2022
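
An added example, not part of the original answer or its repo: a narrower alternative to the host-based callback above, where `onBadCertificate` accepts only the exact certificate bundled with the app. It assumes the asset is a PEM file holding the server's own self-signed certificate (as in the question); `makePinnedChannel`, `pemToDer` and `sameBytes` are hypothetical names.

```dart
import 'dart:convert';
import 'dart:io' show X509Certificate;

import 'package:flutter/services.dart' show rootBundle;
import 'package:grpc/grpc.dart';

// Decodes the first certificate block of a PEM string to DER bytes.
List<int> pemToDer(String pem) {
  final match = RegExp(
    r'-----BEGIN CERTIFICATE-----([\s\S]*?)-----END CERTIFICATE-----',
  ).firstMatch(pem);
  if (match == null) {
    throw const FormatException('no PEM certificate block found');
  }
  return base64.decode(match.group(1)!.replaceAll(RegExp(r'\s'), ''));
}

// True only when both byte sequences are identical.
bool sameBytes(List<int> a, List<int> b) {
  if (a.length != b.length) return false;
  for (var i = 0; i < a.length; i++) {
    if (a[i] != b[i]) return false;
  }
  return true;
}

// Assumed defaults: host, port and asset path are placeholders.
Future<ClientChannel> makePinnedChannel({
  String host = 'localhost',
  int port = 13100,
  String assetPath = 'assets/cert.crt',
}) async {
  final pem = await rootBundle.loadString(assetPath);
  final pinnedDer = pemToDer(pem);
  return ClientChannel(
    host,
    port: port,
    options: ChannelOptions(
      credentials: ChannelCredentials.secure(
        certificates: utf8.encode(pem),
        // Runs only after platform verification has failed. Accept the
        // connection only if the rejected certificate is byte-for-byte
        // the bundled one; any other certificate stays rejected.
        onBadCertificate: (X509Certificate certificate, String _) =>
            sameBytes(certificate.der, pinnedDer),
      ),
    ),
  );
}
```

A match accepts the connection regardless of hostname or expiry, so the bundled file has to be replaced whenever the server certificate is rotated.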

Comments

  • Niki Yoshiuchi over 1 year

    I have a Flutter app that communicates with a server using gRPC. The server is using a self-signed certificate for TLS. I have added the certificate to my Flutter app, and this works on Android. However, on iOS I get a CERTIFICATE_VERIFY_FAILED error. Does iOS just not allow self-signed certificates?

    I am setting up my gRPC client as follows:

        var cert = await rootBundle.load('assets/cert.crt');
        var creds = ChannelCredentials.secure(
            certificates: cert.buffer.asUint8List().toList()
        );
        var channel = ClientChannel(
            host,
            port: port,
            options: new ChannelOptions(credentials: creds));
        return GrpcClient(channel);
    
    
  • Niki Yoshiuchi about 4 years
    Thanks, this is essentially what I have ended up doing.
  • codeKiller almost 4 years
    Hey @AndiDog, my app behaves differently depending on if I add onBadCertificate or not... without it, I get: CERTIFICATE_VERIFY_FAILED: unable to get local issuer certificate and with it, I get: SSLV3_ALERT_BAD_CERTIFICATE... both for the same .perm file... any clue what can be wrong?
  • AndiDog almost 4 years
    Debug the alert in Wireshark or in the logs? Since you see a difference, I assume the desired effect actually works, but you possibly still got a server-side alert for some other reason (e.g. bad client certificate).
  • AndiDog almost 4 years
    @JamesTan No. But which Flutter platform runs node? Are you cross-compiling server-side Dart code to node.js? Then maybe stackoverflow.com/questions/10888610/… helps.
  • James Tan almost 4 years
    Sorry, I was using nodejs as client side, not Flutter. Haven't tried that reference, but I got this working: stackoverflow.com/questions/62108009/…