Help - Search - Members - Calendar
Full Version: can I have TLS/SSL without using certificates?
The Planet Forums > Security > Encryption, SSL and Certificates
patoarlette
Dec 28 2007, 10:37 PM
I'm developing an application, were the client has the server's public key in his computer because he obtained it in a secure specific way.

the client needs to validate that he is connecting to an authentic server, but the server doesn't need to validate the client.

I want to know if it's ok with the TLS standard if I use directly the server's public key that has the client in his computer or if I need to use certificates to complain with the TLS standard. I mean I want to use the key something like SSH keys are used, if I do that it will still be TLS or I'm doing my own standard?

Thanks
joec@home
Aug 8 2009, 05:30 PM
That depends on what application you are using. RSA Key encryption can actually be used in several different environments, it is just the SSL's are most commonly known to the public. You may want to look at the source to see more about how RSA keys operate.

OpenSSL:
Welcome to the OpenSSL Project

For example you can use RSA keys to authenticate for ssh access:

How to Use RSA Key for SSH Authentication
http://news.softpedia.com/news/How-to-Use-...ion-38599.shtml
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2009 Invision Power Services, Inc.