Problem with SSL certificate verification in windows mode

Mounir
Mounir Member Posts: 10
edited September 12 in Developer APIs

I wrote a flutter code that works well in web and mobile platforms:

  • Image selection
  • Upload to Cloudinary
  • Deletion

My problem is when I run this code in windows mode; The selection works fine. But the upload does not work and I have this error in the execution window:

Launching lib\main.dart on Windows in debug mode...
Building Windows application...
√ Built build\windows\x64\runner\Debug\test_cloudinary_flutter.exe
Debug service listening on ws://127.0.0.1:50893/2SCMiw57ukE=/ws
Syncing files to device Windows...
[ERROR:flutter/runtime/dart_vm_initializer.cc(41)] Unhandled Exception: HandshakeException: Handshake error in client (OS Error:
CERTIFICATE_VERIFY_FAILED: self signed certificate in certificate chain(../../../flutter/third_party/boringssl/src/ssl/handshake.cc:393))
#0 _SecureFilterImpl._handshake (dart:io-patch/secure_socket_patch.dart:99:46)
#1 _SecureFilterImpl.handshake (dart:io-patch/secure_socket_patch.dart:143:25)
#2 _RawSecureSocket._secureHandshake (dart:io/secure_socket.dart:920:54)
#3 _RawSecureSocket._tryFilter (dart:io/secure_socket.dart:1049:19)
<asynchronous suspension>

An AI advised me to disable SSL certificate verification. When I disabled SSL certificate verification it works fine on windows, but when I re-enable it doesn't.

How to fix this, because disabling SSL certificate verification in prduction mode is not a good idea?

Tagged:

Comments

  • Zachary
    Zachary Member, Cloudinary Staff Posts: 43

    Hi there,

    This looks like it is a known issue within Flutter. Here is a recent ticket for tracking:
    https://github.com/flutter/flutter/issues/56607

  • Mounir
    Mounir Member Posts: 10

    Does this have anything to do with the security of the Cloudinary site; I checked it with the ssllabs site and it gave it a B grade:

    https://www.ssllabs.com/ssltest/analyze.html?d=cloudinary.com

  • Zachary
    Zachary Member, Cloudinary Staff Posts: 43

    Hi there,

    No, the issue I linked to is exclusive to Flutter and un-related to Cloudinary.

    The SSL labs grade is referencing us accepting TLS 1.0,1.2 and so they've given us a B.