A couple of users have reported issues with the SSL certificate of sweet.silkypants.dev. The app crashes with the following exception:
HandshakeException: HandshakeException: Handshake error in client (OS Error:
CERTIFICATE_VERIFY_FAILED: unable to get local issuer certificate(../../../flutter/third_party/boringssl/src/ssl/handshake.cc:393))
After creating a debug build which dumps the certificate by overriding HTTPClient.badCertificateCallback, I have found out that the following certificate is failing:
[2024-09-18 22:45:09.605339] Bad SSL certificate for sweet.silkypants.dev:443
== CERT ==
Issuer: /C=US/ST=Arizona/L=Scottsdale/O=Starfield Technologies, Inc./CN=Starfield Services Root Certificate Authority - G2
Subject: /C=US/O=Amazon/CN=Amazon Root CA 1
Start: 2015-05-25 12:00:00.000Z
End: 2037-12-31 01:00:00.000Z
SHA1: [6, 178, 89, 39, 196, 42, 114, 22, 49, 193, 239, 217, 67, 30, 100, 143, 166, 46, 30, 57]
== END ==
It seems that there are multiple possible certification paths with two different versions of the Amazon Root CA 1. The one that is failing is this one: crt.sh/?id=11265962. Even though this chain is also valid/trusted, Dart seems to fail to resolve it properly.
The ssllabs report:

I will upload a hotfix which does use the badCertificateCallback to manually trust the second certificate for this host. But this is not a very nice fix and I would appreciate further help.
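A sketch of the kind of host-scoped override the post describes, added here as an example and not the app's actual hotfix code. The host and SHA-1 bytes are copied from the log above; the names `pinnedHost`, `pinnedSha1`, `sameBytes`, `acceptPinned` and `createClient` are hypothetical.

```dart
import 'dart:io';

// Host and SHA-1 fingerprint taken from the "Bad SSL certificate" log above.
const pinnedHost = 'sweet.silkypants.dev';
const pinnedPort = 443;
const pinnedSha1 = <int>[
  6, 178, 89, 39, 196, 42, 114, 22, 49, 193,
  239, 217, 67, 30, 100, 143, 166, 46, 30, 57,
];

/// Compares two byte lists without returning early on the first mismatch.
bool sameBytes(List<int> a, List<int> b) {
  if (a.length != b.length) return false;
  var diff = 0;
  for (var i = 0; i < a.length; i++) {
    diff |= a[i] ^ b[i];
  }
  return diff == 0;
}

/// Accepts a certificate that failed verification only if it is the exact
/// cross-signed "Amazon Root CA 1" from the log, presented by the one
/// affected host and port, and still inside its validity window.
/// Everything else keeps failing the handshake.
bool acceptPinned(X509Certificate cert, String host, int port) {
  final now = DateTime.now().toUtc();
  return host == pinnedHost &&
      port == pinnedPort &&
      !now.isBefore(cert.startValidity) &&
      !now.isAfter(cert.endValidity) &&
      sameBytes(cert.sha1, pinnedSha1);
}

/// Builds an HttpClient with the scoped override installed. A callback that
/// simply returns true would accept any failing certificate for any host.
HttpClient createClient() {
  final client = HttpClient();
  client.badCertificateCallback = acceptPinned;
  return client;
}
```

`X509Certificate` in `dart:io` exposes only a SHA-1 digest; comparing a SHA-256 of `cert.der` instead would need an extra hashing package.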