Issue with SSL certificate

[Blaumeise03]

A couple of users have reported issues with the SSL certificate of sweet.silkypants.dev. The app crashes with the following exception:

HandshakeException: HandshakeException: Handshake error in client (OS Error: 
CERTIFICATE_VERIFY_FAILED: unable to get local issuer certificate(../../../flutter/third_party/boringssl/src/ssl/handshake.cc:393))

After creating a debug build which dumps the certificate by overriding HTTPClient.badCertificateCallback, I have found out that the following certificate is failing:

[2024-09-18 22:45:09.605339] Bad SSL certificate for sweet.silkypants.dev:443
== CERT ==
 Issuer: /C=US/ST=Arizona/L=Scottsdale/O=Starfield Technologies, Inc./CN=Starfield Services Root Certificate Authority - G2
 Subject: /C=US/O=Amazon/CN=Amazon Root CA 1
 Start: 2015-05-25 12:00:00.000Z
 End: 2037-12-31 01:00:00.000Z
 SHA1: [6, 178, 89, 39, 196, 42, 114, 22, 49, 193, 239, 217, 67, 30, 100, 143, 166, 46, 30, 57]
== END ==

It seems that there are multiple possible certification paths with two different versions of the Amazon Root CA 1. The one that is failing is this one: crt.sh/?id=11265962. Even though this chain is also valid/trusted, dart seems to fail resolving it properly.

The ssllabs report:

I will upload a hotfix which does use the badCertificateCallback to manually trust the second certificate for this host. But this is not a very nice fix and I would appreciate further help.