I recently struggled using standalone DartVM and SSL as a client. I understand that Dart uses Mozilla NSS to manage certificates. I have a problem with the problem, that on Windows, for example, there are no binaries that I can find (except for third parties compiling the Mozilla source code and downloading them to mega or similar, which is pretty alarming if you ask me) for the Windows platform. Compiling this code in C ++ is not a trivial task. I do not have the resources to do this on my own under the Windows platform. This is why I write Dart (or other high-level languages) in the first place.
Despite this, the error message that I get when I try to connect securely and provide a self-signed (or rather more technically correct, unreliable) certificate is that the OS itself does not trust the certificate. On Windows, this is not the case. This certificate that I use is the root CA certificate of my generation with the correct signature / signature chain, manually installed in trusted Windows roots. Both Chrome and Internet Explorer (of which they use the Windows certificate store) trust my certificates without any warning after this. Therefore, if DartVM does not use the "OS" to verify the certificate during a handshake, this message is very uninformative / misleading.
What can be done to overcome this outside of NSS compilation and try to figure out how to import my certificates using overly complex and documented steps? Is there a parameter that could be specified when initiating a secure connection to ignore SSL errors of this kind?
My web server forces me to use HTTPS, so returning to plain HTTP will not be an option for me. I also do not want to trust, and even more so I want to pay a third party for my certificates, which are largely used only internally, so I generated a wildcard certificate under my own root certification authority. The fee for a wildcard certificate for several domains that are not always publicly available or intended for public use is slightly astronomically estimated and completely excluded.
Hydra source
share