How to do SSL pinning via self generated signed certificates in flutter?

by

There isn’t enough detail in the question, so this answer is based on some assumptions:

  1. Your APIs are HTTPS
  2. You are talking about validating a server-side self-signed HTTPS certificate
  3. You are using package:http as the http client
  4. No client-side certificates

package:http uses dart:io HttpClient under the hood, and HttpClient has a several features to allow for certificate validation. Since a self-signed server certificate will be untrusted by the client, the client will call the badCertificateCallback allowing you to validate the server certificate yourself, for example:

HttpClient httpClient = new HttpClient()
  ..badCertificateCallback =
  ((X509Certificate cert, String host, int port) {
    // tests that cert is self signed, correct subject and correct date(s) 
    return (cert.issuer == cert.subject &&
        cert.subject == 'MySelfSignedCertCN' &&
        cert.endValidity.millisecondsSinceEpoch == 1234567890);
  });

IOClient ioClient = new IOClient(httpClient);
// use ioClient to perform get/post operations from package:http

// don't forget to call ioClient.close() when done
// note, this also closes the underlying HttpClient

More Related Contents:

  1. The argument type ‘String’ can’t be assigned to the parameter type ‘Uri’
  2. Check whether there is an Internet connection available on Flutter app
  3. Adding a splash screen to Flutter apps
  4. Flutter – Wrap text on overflow, like insert ellipsis or fade
  5. How to refresh an AlertDialog in Flutter?
  6. How to downgrade Flutter SDK (Dart 1.x)
  7. How to add a ListView to a Column in Flutter?
  8. Flutter: how to force an application restart (in production mode)?
  9. How To Override the “Back” button in Flutter? [duplicate]
  10. FlutterError: Unable to load asset
  11. InkWell not showing ripple effect
  12. How to debounce Textfield onChange in Dart?
  13. How to test Flutter widgets on different screen sizes?
  14. Flutter: Expanded vs Flexible
  15. Flutter Back button with return data
  16. How can I check if a Flutter application is running in debug?
  17. Flutter : Run an app as a background service
  18. How to open DropDown dialog below DropdownButton like Spinner in Flutter?
  19. Why is riverpod failing even to initialize in project? Method not found: ‘Error.throwWithStackTrace’
  20. Incorrect use of parent data widget. expanded widgets must be placed inside flex widgets
  21. Flutter use variable created inside Future builder outside of the build method,
  22. There are multiple heroes that share the same tag within a subtree
  23. How to make button width match parent?
  24. How should I check if the input is an email address in Flutter? [duplicate]
  25. Flutter: List is deprecated? [duplicate]
  26. How to execute code before app exit flutter
  27. How can a named route have URL parameters in flutter web?
  28. How to pass callback in Flutter
  29. Unsupported class file major version 61 error
  30. How to save and download text file in Flutter web application

Leave a Comment