An implementation of an HttpClient with certificate pinning.

Pinning is done against SPKI (subject public key info) SHA-256 hashes. The client will download the certificates via a MethodChannel and cache them. All certificates with a matching SPKI hash will be used with a SecurityContext.


The client will log the SPKI hash of each certificate in the chain. Use this to get your hash. You can also get the hash with GnuTLS: gnutls-cli --print-cert example.com (look for the Public Key PIN).

import 'package:certificate_pinning_httpclient/certificate_pinning_httpclient.dart';

// with http
final client = IOClient(CertificatePinningHttpClient(

// with Dio
final _dio = Dio();
(_dio.httpClientAdapter as IOHttpClientAdapter).onHttpClientCreate =
    (client) => CertificatePinningHttpClient(

Disable logs for release builds:

import 'package:logger/logger.dart';

Logger.level = kDebugMode ? Level.debug : Level.nothing;