Flutter/Dart 语言中的客户端证书认证 [英] Client certificate authentication in Flutter/Dart languege

问题描述

I am fairly new in certificates world. I decided to create an application that is obligated to use a certificate to access the API.

I created a self-signed CA certificate, SSL Certificate and a client certificate. I imported them into Windows Server and configured IIS properly. I am able to make a request with clientcertificate.pfx file to API from browser (Google Chrome). The pfx certificate is imported to personal user store via MMC. To create pfx file I used .cert and .pvk files.

So far so good.

Now I am trying to make a request from dart and don't know what files I should send to API. Should I send the pfx file? Or maybe .cert and .pvk files? Have you ever done it guys? Could someone help me a bit with understanding this proccess? I have already read a lot of websites but still didn't find answers. In mobile development world I am totally new too.

解决方案

Dart's HttpClient can take a SecurityContext.

To add a custom trusted certificate authority, or to send a client certificate to servers that request one, pass a SecurityContext object as the optional context argument to the HttpClient constructor. The desired security options can be set on the SecurityContext object.

Store your PKCS12 client keystore (the pfx file) somewhere in your app, probably as an asset, and load it on startup. Create a SecurityContext and then call both useCertificateChainBytes and usePrivateKeyBytes passing the same values to both (the pfx file's contents and password).

Use that SecurityContext as the context of your HttpClient.

这篇关于Flutter/Dart 语言中的客户端证书认证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！