如何通过颤振中的自生成签名证书进行 SSL 固定? [英] How to do SSL pinning via self generated signed certificates in flutter?
问题描述
我正在寻找 SSL 固定并使用自生成的证书在 Flutter 中运行我们的 api.
I am looking for SSL pinning and using self generated certificates to run our apis in flutter.
推荐答案
问题中没有足够的细节,所以这个答案是基于一些假设:
There isn't enough detail in the question, so this answer is based on some assumptions:
- 您的 API 是 HTTPS
- 您说的是验证服务器端自签名 HTTPS 证书
- 您正在使用
package:http作为 http 客户端 - 没有客户端证书
- Your APIs are HTTPS
- You are talking about validating a server-side self-signed HTTPS certificate
- You are using
package:httpas the http client - No client-side certificates
package:http 在底层使用 dart:io HttpClient,并且 HttpClient 有几个特性来允许证书验证.由于客户端不信任自签名服务器证书,客户端将调用 badCertificateCallback 允许您自己验证服务器证书,例如:
package:http uses dart:io HttpClient under the hood, and HttpClient has a several features to allow for certificate validation. Since a self-signed server certificate will be untrusted by the client, the client will call the badCertificateCallback allowing you to validate the server certificate yourself, for example:
HttpClient httpClient = new HttpClient()
..badCertificateCallback =
((X509Certificate cert, String host, int port) {
// tests that cert is self signed, correct subject and correct date(s)
return (cert.issuer == cert.subject &&
cert.subject == 'MySelfSignedCertCN' &&
cert.endValidity.millisecondsSinceEpoch == 1234567890);
});
IOClient ioClient = new IOClient(httpClient);
// use ioClient to perform get/post operations from package:http
// don't forget to call ioClient.close() when done
// note, this also closes the underlying HttpClient
这篇关于如何通过颤振中的自生成签名证书进行 SSL 固定?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
