如何通过Fluke自身生成的签名证书进行SSL固定? [英] How to do SSL pinning via self generated signed certificates in flutter?
问题描述
我正在寻找SSL固定,并使用自我生成的证书来快速地运行我们的api.
I am looking for SSL pinning and using self generated certificates to run our apis in flutter.
推荐答案
该问题没有足够的详细信息,因此此答案基于以下假设:
There isn't enough detail in the question, so this answer is based on some assumptions:
- 您的API是HTTPS
- 您正在谈论验证服务器端自签名HTTPS证书
- 您将
package:http用作http客户端 - 没有客户端证书
- Your APIs are HTTPS
- You are talking about validating a server-side self-signed HTTPS certificate
- You are using
package:httpas the http client - No client-side certificates
package:http在内部使用dart:io HttpClient,并且HttpClient具有多项功能,可用于证书验证.由于客户端将不信任自签名服务器证书,因此客户端将调用badCertificateCallback,使您可以自己验证服务器证书,例如:
package:http uses dart:io HttpClient under the hood, and HttpClient has a several features to allow for certificate validation. Since a self-signed server certificate will be untrusted by the client, the client will call the badCertificateCallback allowing you to validate the server certificate yourself, for example:
HttpClient httpClient = new HttpClient()
..badCertificateCallback =
((X509Certificate cert, String host, int port) {
// tests that cert is self signed, correct subject and correct date(s)
return (cert.issuer == cert.subject &&
cert.subject == 'MySelfSignedCertCN' &&
cert.endValidity.millisecondsSinceEpoch == 1234567890);
});
IOClient ioClient = new IOClient(httpClient);
// use ioClient to perform get/post operations from package:http
// don't forget to call ioClient.close() when done
// note, this also closes the underlying HttpClient
这篇关于如何通过Fluke自身生成的签名证书进行SSL固定?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
