Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Possibility to use system ca store (including user installed) #41781

Closed
stefan01 opened this issue Oct 2, 2019 · 7 comments
Closed

Possibility to use system ca store (including user installed) #41781

stefan01 opened this issue Oct 2, 2019 · 7 comments
Labels
dependency: dart Dart team may need to help us

Comments

@stefan01
Copy link

stefan01 commented Oct 2, 2019

Is it by any means possible to use the platform dependent system ca store? I am developing a flutter application, where I need to trust user installed ca certificates.
As far as I see, the dart http client has it's own trusted certificates and there is no possibility to use the system installed, is that correct? If yes it would probably mean, I would need to write all http related stuff native.

@BondarenkoStas BondarenkoStas added dependency: dart Dart team may need to help us documentation labels Oct 2, 2019
@stefan01
Copy link
Author

I still haven't gotten an answer (over a week now). I need this for a project. If this isn't possible at the moment I will continue writting that parts native.

@kf6gpe
Copy link
Contributor

kf6gpe commented Jan 30, 2020

This should be filed over in the https://github.com/dart-lang/sdk repo --- the HTTP client is part of Dart, not flutter.

@abianche
Copy link

abianche commented Oct 2, 2020

@stefan01 did you manage to get the system/user certificates to work in Flutter? Or do you perhaps know a plugin that handles this out of the box?

@stefan01
Copy link
Author

stefan01 commented Oct 2, 2020

@abianche Sadly in the end I didn't use the dart http client for http calls which relied on the user ca store and instead implemented all http calls native :/

@abianche
Copy link

abianche commented Oct 2, 2020

@stefan01 thanks for the reply. Basically if I go native, the support is out of the box right? Did you do it for both android and iOS?

@stefan01
Copy link
Author

stefan01 commented Oct 2, 2020

Sadly it also doesn't work directly out of the box. On Android you need to configure the network security configuration.
This is the one I used:

<network-security-config>
    <base-config>
        <trust-anchors>
            <!-- Trust preinstalled CAs -->
            <certificates src="system" />
            <!-- Additionally trust user added CAs -->
            <certificates src="user" />
        </trust-anchors>
    </base-config>
</network-security-config>

On iOS I'm not 100% sure how it worked. I think it worked out of the box but it can't be tested on the emulator.

@github-actions
Copy link

This thread has been automatically locked since there has not been any recent activity after it was closed. If you are still experiencing a similar issue, please open a new bug, including the output of flutter doctor -v and a minimal reproduction of the issue.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Aug 12, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
dependency: dart Dart team may need to help us
Projects
None yet
Development

No branches or pull requests

5 participants