Help Need: Handshake error in client

gousebaig · May 4, 2025, 12:05pm

Hi,

I am trying to connect to a signalR service and encountered with an error as below.

HandshakeException: Handshake error in client (OS Error:
I/flutter ( 6985): │ CERTIFICATE_VERIFY_FAILED: Hostname mismatch(handshake.cc:393))

Any help on this?

hillel · May 4, 2025, 12:15pm

Hi,

We’re also seeing this error, if a user is running a VPN disabling it can sometimes help.

This issue on GitHub may be related:

github.com/flutter/flutter

[windows][sandoxed] Release mode throws Handshake error when making network request

opened 10:50AM - 25 Aug 21 UTC

krll-kov

engine dependency: dart platform-windows a: desktop a: release P2 team-windows triaged-windows

I've made a flutter desktop app, build it in a Release mode and decided to test …in on Windows' SandBox. The problem is that any https request to any server leads to "Handshake error in client (OS Error: CERTIFICATE_VERIFY_FAILED: unable to get local issuer certificate(handshake.cc:363))" error. If this happens on an official SandBox, it also might happen on default Windows version of some user. In this example i'm making request to Google Analytics server and encounter this error. <details> <summary>minimal code sample</summary> ```dart import 'dart:io'; import 'package:flutter/material.dart'; void main() => runApp(MyApp()); class MyApp extends StatefulWidget { @override _MyAppState createState() => _MyAppState(); } class _MyAppState extends State<MyApp> { String text = 'No errors!'; @override void initState() { WidgetsBinding.instance?.addPostFrameCallback((timeStamp) async { try { HttpClientRequest request = await HttpClient().postUrl(Uri.parse( 'https://www.google-analytics.com/mp/collect?measurement_id=test&api_secret=test2')); HttpClientResponse response = await request.close(); setState(() => text = 'Request was successfully sent to the Google server. Status code: ${response.statusCode.toString()}'); } catch (error) { setState(() => text = error.toString()); } }); super.initState(); } @override Widget build(BuildContext context) { return MaterialApp( title: 'Material App', home: Scaffold( appBar: AppBar( title: Text('Material App Bar'), ), body: Center( child: Container( child: Text(text), ), ), ), ); } } ``` </details> <details> <summary>preview</summary> Sandbox: ![image](https://user-images.githubusercontent.com/63228361/130776743-2461e987-8ac3-4ce3-be73-42ef745e990f.png) My pc: ![image](https://user-images.githubusercontent.com/63228361/130776817-18cf6898-d529-45d1-83ff-987c3191ffbc.png) </details> I also found a solution to this problem but i'm not sure that it's safe to allow any certificate to be used ```dart class FixSSLOverride extends HttpOverrides { @override HttpClient createHttpClient(SecurityContext? context) { return super.createHttpClient(context) ..badCertificateCallback = (X509Certificate cert, String host, int port) => true; } } HttpOverrides.global = FixSSLOverride(); ``` Flutter doctor -v <details> <summary>flutter doctor -v</summary> ```console [√] Flutter (Channel stable, 2.2.3, on Microsoft Windows [Version 10.0.19043.1165], locale en-US) • Flutter version 2.2.3 at C:\Install\flutter • Framework revision f4abaa0735 (8 weeks ago), 2021-07-01 12:46:11 -0700 • Engine revision 241c87ad80 • Dart version 2.13.4 [√] Android toolchain - develop for Android devices (Android SDK version 30.0.3) • Android SDK at C:\Users\karnm\AppData\Local\Android\sdk • Platform android-30, build-tools 30.0.3 • Java binary at: C:\Install\Android Studio\jre\bin\java • Java version OpenJDK Runtime Environment (build 11.0.10+0-b96-7249189) • All Android licenses accepted. [√] Chrome - develop for the web • Chrome at C:\Program Files\Google\Chrome\Application\chrome.exe [√] Visual Studio - develop for Windows (Visual Studio Community 2019 16.9.4) • Visual Studio at C:\Program Files (x86)\Microsoft Visual Studio\2019\Community • Visual Studio Community 2019 version 16.9.31205.134 • Windows 10 SDK version 10.0.19041.0 [√] Android Studio (version 4.1.0) • Android Studio at C:\Install\Android Studio • Flutter plugin can be installed from: https://plugins.jetbrains.com/plugin/9212-flutter • Dart plugin can be installed from: https://plugins.jetbrains.com/plugin/6351-dart • Java version OpenJDK Runtime Environment (build 11.0.10+0-b96-7249189) [√] IntelliJ IDEA Ultimate Edition (version 2021.1) • IntelliJ at C:\Install\IntelliJ IDEA 2020.3.1 • Flutter plugin version 58.0.3 • Dart plugin version 211.7727 [√] Connected device (3 available) • Windows (desktop) • windows • windows-x64 • Microsoft Windows [Version 10.0.19043.1165] • Chrome (web) • chrome • web-javascript • Google Chrome 91.0.4472.77 • Edge (web) • edge • web-javascript • Microsoft Edge 92.0.902.78 • No issues found! ``` </details>

hanskokx · May 5, 2025, 12:09pm

SSL certificates are explicitly tied to hostnames. If you’re connecting to serverA.com and you get a certificate that says serverB.com, you’ll see this error.

The answer to why you’re getting a mismatched hostname in the certificate could be a million different reasons. I know that, for myself, I use a secure DNS server with a blocklist. If I try to connect to a site on the blocklist, my DNS server will return a block page with an SSL certificate (that doesn’t match the original hostname). This is just one example of what could be happening.