I'm trying to create a proxy server that access third-party API, but their development end point have certificate error. Is there anyway to bypass ssl error when using http.dart?

import 'package:http/http.dart' as http;

Uri url = Uri.parse("https://url-with-ssl-error.com/endpoint");
http.get(url).then((response) => print(response.body));

and here's the error returned:

Uncaught Error: SocketIOException: RawSecureSocket error (Unexpected handshake error in client) (OS Error: errno = -8172)
Unhandled exception:
SocketIOException: RawSecureSocket error (Unexpected handshake error in client) (OS Error:  errno = -8172)
#0      _FutureImpl._scheduleUnhandledError.<anonymous closure> (dart:async/future_impl.dart:207:9)
#1      Timer.run.<anonymous closure> (dart:async/timer.dart:17:21)
#2      Timer.run.<anonymous closure> (dart:async/timer.dart:25:13)
#3      Timer.Timer.<anonymous closure> (dart:async-patch:15:15)
#4      _Timer._createTimerHandler._handleTimeout (dart:io:6990:28)
#5      _Timer._createTimerHandler._handleTimeout (dart:io:6998:7)
#6      _Timer._createTimerHandler.<anonymous closure> (dart:io:7006:23)
#7      _ReceivePortImpl._handleMessage (dart:isolate-patch:81:92)

Error -8172 means that 'Peer's certificate issuer has been marked as not trusted by the user.'

If you had access to the raw socket, then connect method allows you to specify what to do in case of bad certificate by providing onBadCertificate callback. However, I am not sure what is the exact type of http object in your code sample, so i can't tell whether you can workaround this or not. I thought it might be an HttpClient instance but it doesn't have a get method which takes a URI, so I am not sure. If it is your own class, maybe you have access to underlying secure socket so you can still use onBadCertificate.

Additionally, for server sockets, you can't rely on implicit SecureSocket.initialize() call. You need to call it explicitly with certificate db info.