i am trying to implement SSL pinning to my flutter app. I am using a "certificate.pem" file. I have a custom HttpService class, all the http requests are made from methods which belongs to this class.
class HttpService {
late IOClient _ioClient;
static final HttpService service = HttpService._init();
HttpService._init();
// TODO: get server certificate, load and add it to the SecurityContext
Future<void> setTrustedCertificate() async {
final sslCert = await rootBundle.load('assets/cert/certificate.pem');
SecurityContext securityContext = SecurityContext(withTrustedRoots: false);
securityContext.setTrustedCertificatesBytes(sslCert.buffer.asInt8List());
HttpClient httpClient = HttpClient(context: securityContext);
httpClient.badCertificateCallback = (X509Certificate cert, String host, int port) => false;
_ioClient = IOClient(httpClient);
}
Future<http.Response> getRequest({
required Uri path,
required Map<String, String> requestHeaders}) async {
return await _ioClient.get(path, headers: requestHeaders);
}
Future<http.Response> postRequest({
required Uri path,
required Map<String, String> requestHeaders,
required Object? requestBody}) async {
return await _ioClient.post(path, headers: requestHeaders, body: requestBody);
}
}
Also i call the "setTrustedCertificate()" method at the main function.
void main() async {
SystemChrome.setSystemUIOverlayStyle(const SystemUiOverlayStyle(statusBarColor: Colors.transparent));
WidgetsFlutterBinding.ensureInitialized();
await HttpService.service.setTrustedCertificate();
SystemChrome.setPreferredOrientations([
DeviceOrientation.portraitUp,
DeviceOrientation.portraitDown,
]);
runApp(MyApp());
}
But i am getting this error:
flutter: HandshakeException: Handshake error in client (OS Error:
CERTIFICATE_VERIFY_FAILED: application verification failure(handshake.cc:393))
What might be causing this problem?
