在没有证书的基于https的java SSL中 [英] In java SSL over https without certificate
问题描述
是否可以在不使用java证书的情况下使用带httpconnection的ssl?我想使用随机数或semetric键。
Is it possible to use ssl with httpconnection without using certificate in java? i wan to use a random number or a semetric key.
感谢
Raihan
Thank Raihan
推荐答案
虽然 SSL / TLS并不严格要求证书,但HTTPS需要证书,因为 RFC 2818 (特别是第3.1节)明确提及X.509证书。
Although SSL/TLS doesn't strictly require certificates, HTTPS expects certificates, since RFC 2818 (in particular, Section 3.1) clearly refers to X.509 certificates.
您可以在 ServerFault上的这个答案中找到更多详细信息,对于一个非常相似的问题。
You'll find more details in this answer on ServerFault, to a very similar question.
无论你做什么没有证书都将超出RFC 2818的范围,但它可能仍然有效(并且有意义)。然而,其他实现可能会有所不同。
如果您选择不使用证书,您仍需要一种方法来验证服务器的身份,以确保通信的安全性。
Whatever you do without certificate will be out of scope of RFC 2818, but it might still work (and make sense). However it is supported by other implementations may vary. If you choose not to use certificates, you'll still need a way to verify the identify of the server to ensure the security of the communication.
编辑:
JSSE的Oracle提供程序不支持PSK密码职责(或OpenPGP证书)。最接近共享密钥的是Kerberos密码套件。
The Oracle provider for JSSE doesn't support PSK cipher suties (or OpenPGP certs). The closest to a shared-key you'll get out of that are Kerberos cipher suites.
这篇关于在没有证书的基于https的java SSL中的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!