Flutter doesn't work when self-signed certificate in chain #22077
Comments
I don't think this appropriate. Just because the Flutter team doesn't follow the opinion of the majority doesn't mean they are arrogant. See also https://flutter.io/design-principles/#code-of-conduct |
|
You can try this suggestion dart-lang/pub#1882 (comment) |
zoechi
added
c: new feature
Perhaps. Previous answers I have received on this have been arrogant though. |
|
Closed as a duplicate of #22077 (comment) |
|
@tabinnorway were you able to solve this? |
|
We solved it by setting the company FW up to not try to decrypt traffic
from my computer. That removes the self-signed certificate in certificate
chain problem for me.
fre. 23. okt. 2020, 22:34 skrev nehuenKC <[email protected]>:
… @tabinnorway <https://github.com/tabinnorway> were you able to solve this?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#22077 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAHYQNX6PZ4S5D7TS47SD6DSMHSFDANCNFSM4FWG3YWA>
.
|
Can you let me know the firewall rules you added please? |
|
This thread has been automatically locked since there has not been any recent activity after it was closed. If you are still experiencing a similar issue, please open a new bug, including the output of |
After having played with Flutter a bit from my home computer, I have decided that it is a great tool for developing Enterprise mobile apps for a client. The client has all its users behind a firewall, and they use a self-signed certificate on the inside of said firewall.
This means flutter doesn't work. You get the following output
Now, this is quite a common problem, and there is no possible way you can convince some of the companies and government agencies using this method that they are wrong. Whether they are or not is also debatable. The self-signed certificate is only a "voulnerability" on the inside of the firewall, and if you have a bad actor on the inside of your firewall, a man in the middle attack is the least of your worries.
All other teams in the OSS community has solved this problem by allowing their tools to bypass this kind of certificate checking during installation. In npm you can set the environment variable NODE_TLS_REJECT_UNAUTHORIZED=0 and you are fine.
Is this crazy? Certainly not. The only "danger" area is if there is a bad actor somewhere between my computer and the firewall, and as I said, then I have far more severe problems
When previously reporting this I have received a response along the lines of "we will never allow this with flutter since the flutter team of developers are the only sane developers in the world, and all others are blithering idiots, particularly the node and git teams who have no problems with enabling word-destroying, no, universe-melting insane solutions like this".
Also, in my previous report of this issue, it was said it was solved because you can download the flutter tools entirely, removing the need for... I have not been able to do anything to solve this, and have not found any information on flutter.io that explains how I can get around this. My inability may certainly be a result of me being a blithering idiot, a lot of my problems are, but is there a solution for this? I would like to know.
Steps to Reproduce
3a. Run flutter doctor -v or
3b. Run flutter create -v flutter_test_app
Logs
The text was updated successfully, but these errors were encountered: