I'm developing website where user submit credentials using ajax,php and using POST method and i want to protect login credentials not in plain text but i don't want to use SSL can i secure password credentials without using SSL certificate ??

Can anyone give me working example of any method ?

You cannot completely secure the credentials without some out-of-channel verification (which SSL provides); a man in the middle attack will always be possible.

Put simply, there is no way for the client to be completely sure that they are talking to the server instead of a fake server inserted somewhere in between.

You can use a provider like OpenID who will handle the authentication for you. The provider uses SSL to verify the credentials and then you can validate it by using their API, so the user never actually sends credentials to your page.

Getting started with OpenID

maybe this helps you: Two-way password encryption without ssl

In short .. no.

You can try but I don't think there is a method I can imagine in javascript or any other in-browser way to secure your posted data.

The problem is in the encryption side, doing a good strong public-private crypto in javascript doesn't sound feasible to me.

I'm also kind of curious about the why part . .

. . still pondering on some possible method. . will update post if something pops up.

Using SSL without a certificate should be possible. Makes you vulnerable to a man-in-the-middle-attack but encrypts the transferred data.