Can HTTPS server configured without a server certificate?
I have noticed that, a HTTPS connection can be set up with the server configured to use a certificate, and when additional security is required, the server can ask the client to provide a client certificate, validate it and set up connection.
It seems that, if we ask all clients to provide their certificates, which contains public keys and corresponding signatures, the secure connection should also able to be established. The server just validates the signatures, then encrypts the data being send using client's public key. If knowledge of the identity of clients is more important than that of the server, the server certificate is of no use here.
So is it supported in HTTPS protocol, that the server provides no certificates but ask for client certificates, and then establish HTTPS connection?
