key transmission?
I mean, I have a TCP server that is using a TLS cert (self-signed or with a legal CA). The clients don't know about the cert (public key). I've read some articles that are hard-coding the server's cert into the client's codebase. I don't think it's reasonable.
My question is: can I first transfer the cert over raw TCP and then wrap the connection with TLS?
trying to reinvent HTTPS?
> hard coding the server's cert into the client's codebase

I think it's a bad idea, since hard-coding stuff is usually bad practice (but I might be wrong in this particular case).

> My question is that can I first transfer the cert over raw TCP and then wrap the connection with TLS?

You can share the public key with anyone however you please; it's totally safe as long as you keep your private key secret. You'd usually use it for encrypted key exchange and continue with a symmetric key, since symmetric encryption algorithms are way faster than their asymmetric counterparts. Please make sure you know how HTTPS works 🙂