CERTIFICATE_VERIFY_FAILED: Hostname mismatch(handshake.cc:352)) for TCP connection on local server

The problem is that the CN (or SANs) in the certificate presented by the local machine do not include 192.168.8.106.

You can verify this by using the openssl s_client command:

openssl s_client -connect 192.168.8.106:8883 -CAfile /path/to/ca/cert

This means that the SSL/TLS library in flutter will complain that certificate doesn't reliably represent that machine.

This is important as this is what stops Man-in-the-Middle attacks.

You have 2 options to solve this.

1. reissue the certificate with a CN or SAN entry with 192.168.8.106
2. See if you can find a way to influence the Certificate verification. There are examples of how to do this with the dart http library (https://stackoverflow.com/a/59303283/504554) but I haven't found this in the MQTT client library (I haven't looked that hard).

You have to be very careful if you go with option 2 to ensure that you do not open up too big a hole for Man-in-the-middle attacks.

I got the same error in my flutter app but my solution and reason was a bit different.

My certificate was "*.xxxxxx.com" (star certificate).(xxxxxx.com is not for +18 site, just sample :) )

My subdomain name was sub_domain.xxxxxx.com.

Solution was simple, but it take time to solve it.

"_" (underscore) was the main problem in the domain name.I changed it to subdoman.xxxxxx.com and it worked.