requestClientCertificate: true when calling [HttpServer.bindSecure()`]
#389
Comments
|
This this a request for |
|
Shelf as dart.io already has the ability to request a client certificate for mutual auth but it's missing from shelf unfortunately |
github-actions
bot
removed
the
needs-info
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I need to use dart shelf with mutual ssl auth, please could we expose requestClientCertificate ?
Future serve(
Handler handler,
Object address,
int port, {
SecurityContext? securityContext,
int? backlog,
bool requestClientCertificate = false,
bool shared = false,
String? poweredByHeader = 'Dart with package:shelf',
}) async {
backlog ??= 0;
var server = await (securityContext == null
? HttpServer.bind(address, port, backlog: backlog, shared: shared)
: HttpServer.bindSecure(
address,
port,
securityContext,
backlog: backlog,
requestClientCertificate: requestClientCertificate,
shared: shared,
));
serveRequests(server, handler, poweredByHeader: poweredByHeader);
return server;
}
Ah, I see. Just using SSL isn't enough to set
HttpRequest.certificate; it's a client-side certificate, which means the server has to request it (by settingrequestClientCertificate: truewhen callingHttpServer.bindSecure()) and the client has to send it (by passing a security context toHttpClient(), which you're doing). We don't currently exposerequestClientCertificateinshelf_io.serve... you could add that if you want, but I don't think anyone really uses client certificates so I'd be fine limiting this pull request to exposing the connection info.Originally posted by @nex3 in #92 (comment)
The text was updated successfully, but these errors were encountered: