How to setup Dart to use a CA SSL certificate?

Question

I recently deployed a Dart server application that serves HTTP requests. I wanted to add support for HTTPS so I have been trying to add SSL to the Dart server application.

This answer gives a clear explanation of how to add a self-signing SSL certificate to Dart. However, I want to add an SSL certificate I bought from an SSL provider.

The SSL provider e-mailed my 4 files:

• Root CA Certificate - AddTrustExternalCARoot.crt
• Intermediate CA Certificate - COMODORSAAddTrustCA.crt
• Intermediate CA Certificate - COMODORSADomainValidationSecureServerCA.crt
• Your PositiveSSL Certificate - my_domain.crt

I have been trying to figure out how certutil works and how to add these certificates to the certificate database, but I just can't figure it all out.

Anyone with experience enabling a CA SSL certificate in Dart?

SOLVED: Thanks to suggestion in the comments, I solved the issue. This is the gist of my complete setup: https://gist.github.com/stevenroose/e6abde14258971eae982

Answer 1

First of all, you probably have three files generated with openssl for your private key, server certificate and CA certificate. To convert all those into a PKCS12 file, you can use openssl:

openssl pkcs12 -export -out server.p12 -inkey server.key -in server.crt -certfile CAcert.crt

Then, you can adapt the certutil commands as shown to load you PKCS12 instead of generating new certificates:

certutil -N -d sql:certdb
certutil -A -n mycertnick -i server.crt -t "TCu,Cu,Tuw" -d sql:certdb
certutil -A -n myCA -i CAcert.crt -t "TCu,Cu,Tuw" -d sql:certdb
pk12util -i server.p12 -d sql:certdb

It seems to work with the sample code in the referenced question.

Answer 2

Unfortunately the SSL management in Dart is known to be very lacking. I reported this many times, with no serious answer from the Dart team. Star this issue if you want something done about it: https://code.google.com/p/dart/issues/detail?id=20967