Add a guide on self-signed certs

[eseidelGoogle]

There are enough corporate setups out there were machines are expected to have a custom self-signed corporate cert and then send all traffic through a proxy so that https can be decrypted/inspected. Dart/Flutter don't play nice with these setups by default, but they're common enough that we should probably document how to work around this.

See dart-lang/sdk#25615 (comment)
dart-lang/pub#1882 as examples of requests.

[eseidelGoogle]

I believe the known workaround (see comment links above) is to manually invoke pub (instead of using flutter packages and include:

DART_VM_OPTIONS=--root-certs-file=some_file pub get

[larelb]

I was able to get this working in Windows behind a corporate setup using a custom self-signed certificate.

1. Set a new environment variable as variable name: DART_VM_OPTIONS and variable value: --root-certs-file=some_file (some_file = C:/certs/cert.pem)

2. Be sure to restart PowerShell or the Command Prompt for changes to reflect.

3. Now run "flutter packages get" in the flutter app's directory.

I'm not sure if this was optional, but I also added the ...flutter\bin\cache\dart-sdk\bin to the Windows Path variable before I did all of this.

[jamespet77]

Is it possible to accomplish this in a mobile dev enviro. Android / iOS app?

[smokinguns]

@eseidelGoogle
Flutter users should run flutter packages get instead of pub get.

I believe the known workaround (see comment links above) is to manually invoke pub (instead of using flutter packages and include:

DART_VM_OPTIONS=--root-certs-file=some_file pub get

perhaps i'm not following but running pub on a flutter application yields Flutter users should run flutter packages getinstead ofpub get.

[irides]

@larelb

I was able to get this working in Windows behind a corporate setup using a custom self-signed certificate.

I tried to generate a self-signed certificate but still got 'TLS error'.
Could you please show me how to generate this self-signed certificate? Or maybe where to get this file?

Thx.

[miltonfajardo]

@eseidelGoogle
Flutter users should run flutter packages get instead of pub get.

I believe the known workaround (see comment links above) is to manually invoke pub (instead of using flutter packages and include:

DART_VM_OPTIONS=--root-certs-file=some_file pub get

perhaps i'm not following but running pub on a flutter application yields Flutter users should run flutter packages getinstead ofpub get.

For me on Windows:

set DART_VM_OPTIONS=--root-certs-file=c:\cert\Certifica.crt
flutter upgrade

[kiran-cmyk]

@eseidelGoogle
Flutter users should run flutter packages get instead of pub get.

I believe the known workaround (see comment links above) is to manually invoke pub (instead of using flutter packages and include:

DART_VM_OPTIONS=--root-certs-file=some_file pub get

perhaps i'm not following but running pub on a flutter application yields Flutter users should run flutter packages getinstead ofpub get.

Hi @eseidelGoogle, I am behind corporate firewall and I have tried setting the DART_VM_OPTIONS.
My environment variable looks like below.

--root-certs-file="path_to_cert_file/cert.pem"

Please let me know where should i add "flutter packages get" command? Should it be part of DART_VM_OPTIONS environment variable?

[eseidelGoogle]

FYI @zanderso for tooling triage.

[zanderso]

Filed flutter/flutter#56607 to try to make this a bit smoother on the tooling side.