问题
I am fairly new in certificates world. I decided to create an application that is obligated to use a certificate to access the API.
I created a self-signed CA certificate, SSL Certificate and a client certificate. I imported them into Windows Server and configured IIS properly. I am able to make a request with clientcertificate.pfx file to API from browser (Google Chrome). The pfx certificate is imported to personal user store via MMC. To create pfx file I used .cert and .pvk files.
So far so good.
Now I am trying to make a request from dart and don't know what files I should send to API. Should I send the pfx file? Or maybe .cert and .pvk files? Have you ever done it guys? Could someone help me a bit with understanding this proccess? I have already read a lot of websites but still didn't find answers. In mobile development world I am totally new too.
回答1:
Dart's HttpClient can take a SecurityContext.
To add a custom trusted certificate authority, or to send a client certificate to servers that request one, pass a SecurityContext object as the optional
contextargument to the HttpClient constructor. The desired security options can be set on the SecurityContext object.
Store your PKCS12 client keystore (the pfx file) somewhere in your app, probably as an asset, and load it on startup. Create a SecurityContext and then call both useCertificateChainBytes and usePrivateKeyBytes passing the same values to both (the pfx file's contents and password).
Use that SecurityContext as the context of your HttpClient.
来源:https://stackoverflow.com/questions/52355264/client-certificate-authentication-in-flutter-dart-languege