dart-lang
requestClientCertificate: true` when calling [`HttpServer.bindSecure()`]
I need to use dart shelf with mutual ssl auth, please could we expose requestClientCertificate ?
Future<HttpServer> serve( Handler handler, Object address, int port, { SecurityContext? securityContext, int? backlog, bool requestClientCertificate = false, bool shared = false, String? poweredByHeader = 'Dart with package:shelf', }) async { backlog ??= 0; var server = await (securityContext == null ? HttpServer.bind(address, port, backlog: backlog, shared: shared) : HttpServer.bindSecure( address, port, securityContext, backlog: backlog, requestClientCertificate: requestClientCertificate, shared: shared, )); serveRequests(server, handler, poweredByHeader: poweredByHeader); return server; }
Ah, I see. Just using SSL isn't enough to set HttpRequest.certificate; it's a client-side certificate, which means the server has to request it (by setting requestClientCertificate: true when calling HttpServer.bindSecure()) and the client has to send it (by passing a security context to HttpClient(), which you're doing). We don't currently expose requestClientCertificate in shelf_io.serve... you could add that if you want, but I don't think anyone really uses client certificates so I'd be fine limiting this pull request to exposing the connection info.
Originally posted by @nex3 in https://github.com/dart-lang/shelf/issues/92#issuecomment-339204852
Shelf as dart.io already has the ability to request a client certificate for mutual auth but it's missing from shelf unfortunately