In java SSL over https without certificate

Question

Is it possible to use ssl with httpconnection without using certificate in java? i wan to use a random number or a semetric key.

Thank Raihan

Answer 1

Yes, you can use several different authentication methods in SSL/TLS, including symmetric keys (PSK cipher suites) and username/password combination (SRP cipher suites). I can't say about Java built-in mechanisms, but out SecureBlackbox product (including its Java edition) lets you use mentioned mechanisms on both client and server side of SSL/TLS channel. This also applies to provided HTTPS client and server components as well.