Geek Answers Handbook

How to create a secure HTTP server in a dart?

I am trying to configure a dart http server to run only with https. Therefore, I believe that I need to use HttpServer.bindSecure, but from the description I do not understand what needs to be conveyed as certificateName, and requestClientCertificateis true, makes it more or less safe or does not have any impact on security, which is always so. A small code example at the top of the page HttpServergoes to certificateName: 'localhost_cert', but before that it does something with the database, t seems to use it anyway. Can someone explain in more detail what these values ​​are and what they need to make them safe?

+3
source share
1 answer

Parameter requestClientCertificate bindSecure used to specify the client certificate. Client certificates are used by servers to identify and authorize clients, which does not appear to be the purpose of this issue. It should be noted that there is a known issue with using client certificates in Dart on IE9 and Windows 7.

The certificateName parameter is used to specify a certificate alias that exists in your certificate database. You specify the alias of the certificate using the parameter -n <nickname>when importing the certificate into your database using certutil .

Use the following steps to:

  • Install the NSS utility (including certutil)

  • <dir> <password>

  • , <host>, HTTPS-, . , . Ubuntu 14.04 Dart SDK 1.6 ( ). 1.8.3.

    • NSS
      sudo apt-get install libnss3-tools

    • cd ,

      cd <dir>

    • :
      echo "<password>" > pwdfile


    • certutil -N -d 'sql:./' -f pwdfile

    • :

      • :

        certutil -S -s "cn=<host>" -n "self signed for dart" -x -t "C,C,C" -m 1000 -v 120 -d "sql:./" -k rsa -g 2048 -f pwdfile

        <host> - ( " " ), , "localhost"

      • , <host>, "myhost.com":

        certutil -R -s "CN=<host>, O=None, L=San Diego, ST=California, C=US" -a -g 2048 -o <host>.csr -d "sql:./"

        <host>.csr, CSR, .

        <host>.crt


        certutil -A -n <host> -t "p,p,p" -i <host>.crt -d "sql:./"

        , :
        certutil -A -n my_intermediate_certificate -t "p,p,p" -i intermediate.crt -d "sql:./"
        "intermediate.crt" - , .

    • ,

      certutil -L -n <host> -d "sql:./"
      certutil -L -n my_intermediate_certificate -d "sql:./"

HTTPS, :

// Initialize secure socket to use certificate database (note: replace `<dir>`
// with the absolute path to the certificate database directory, and `<password>`
// with the value chosen above)
SecureSocket.initialize(database: "<dir>", password: "<password>");

// Bind secure HTTP server to specified host and port (typically 443)
HttpServer.bindSecure("<host>", 443, certificateName: "<host>")
  .then((HttpServer httpServer) {

    // Listen for incoming requests
    httpServer.listen((HttpRequest httpRequest) {

      // TODO: process request
    });
  })
  .catchError((error) {

    // TODO: handle error
  });

, , : - - - HTTPS. , , , HTTPS Dart, bindSecure.

+2

More articles:


All Articles