79612228

Date: 2025-05-08 11:08:10
Score: 0.5
Natty:
Report link

Solved.

By relaxing authentication rules on the server, I was able to find out that the client certificate was always empty. The solution involved extending ChannelCredentials and overriding:

  @override
  SecurityContext get securityContext {
    return SecurityContext(withTrustedRoots: true)
      ..useCertificateChainBytes(clientCert)
      ..usePrivateKeyBytes(clientKey)
      ..setAlpnProtocols(supportedAlpnProtocols, false);
  }

In this instance, even loading a .pfx cert and using :

  @override
  SecurityContext get securityContext {
    return SecurityContext(withTrustedRoots: true)
      ..useCertificateChainBytes(clientCert)
      ..setAlpnProtocols(supportedAlpnProtocols, false);
  }

will send a completely empty cert.

Reasons:
  • Long answer (-0.5):
  • Has code block (-0.5):
  • Self-answer (0.5):
  • Low reputation (1):
Posted by: George Gayton