What is HTTPS?
HTTPS is HTTP over TLS/SSL; it provides a secure connection between a server and a client.
- SSL: Secure Sockets Layer (SSL)
- TLS: Transport Layer Security (TLS)
https://www.globalsign.com/en/blog/ssl-vs-tls-difference/
HTTPS does 2 things.
- Encryption
- Identification
How does encryption work?
Your browser reaches out to the website server and requests a connection.
The server sends you its public key with its SSL certificate. It keeps its private key secret.
Your browser generates a third key called a session key.
The session key is encrypted by your computer using the public key you got from the server.
The encrypted session key is then shared with the server.
The server decrypts the session key that it received from you using the secret private key. Now both ends have the session key that your computer generated.
Public-key encryption stops at this point and is replaced by the session key, which is used for symmetric encryption.
Now you are in a session with the server using only symmetric encryption, and that’s how it remains until you leave the website.
Asymmetric encryption - uses different keys to encrypt and decrypt.
Symmetric encryption - uses the same key to encrypt and decrypt.
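The exchange described in the steps above, as an added example (not code from the original page) using Node.js's built-in crypto module. RSA-OAEP and AES-256-GCM, the function names and the sample messages are assumptions of this example; a real HTTPS connection is negotiated by the TLS library, not by application code.

```javascript
const crypto = require('crypto');

// OAEP padding settings used by both sides (an assumption of this example).
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Symmetric encryption with the session key (AES-256-GCM chosen for this example).
function seal(sessionKey, plaintext) {
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', sessionKey, iv);
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return { iv, body, tag: cipher.getAuthTag() };
}

// Symmetric decryption; throws if the key is wrong or the data was altered.
function unseal(sessionKey, { iv, body, tag }) {
  const decipher = crypto.createDecipheriv('aes-256-gcm', sessionKey, iv);
  decipher.setAuthTag(tag);
  return Buffer.concat([decipher.update(body), decipher.final()]).toString('utf8');
}

function runExchange() {
  // Server: owns the key pair; only the public half ever leaves it.
  const server = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const sentToBrowser = server.publicKey.export({ type: 'spki', format: 'pem' });

  // Browser: generates the session key and encrypts it with the server's public key.
  const browserKey = crypto.randomBytes(32);
  const wrappedKey = crypto.publicEncrypt({ key: sentToBrowser, ...OAEP }, browserKey);

  // Server: recovers the session key with its secret private key.
  const serverKey = crypto.privateDecrypt({ key: server.privateKey, ...OAEP }, wrappedKey);

  // From here on both sides use only the symmetric session key.
  const request = seal(browserKey, 'GET /account HTTP/1.1'); // constructed sample
  const seenByServer = unseal(serverKey, request);
  const response = seal(serverKey, 'HTTP/1.1 200 OK'); // constructed sample
  const seenByBrowser = unseal(browserKey, response);

  // Without the private key, an observer holding a different key cannot read the request.
  let wrongKeyRejected = false;
  try { unseal(crypto.randomBytes(32), request); } catch (e) { wrongKeyRejected = true; }

  return { keysMatch: browserKey.equals(serverKey), wrappedLength: wrappedKey.length,
           seenByServer, seenByBrowser, wrongKeyRejected };
}

console.log(runExchange());
```

Only `sentToBrowser` and `wrappedKey` cross the network during setup; the private key and the plaintext session key never do.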
Identification
SSL Certificate:
Identification is the other significant part of making users' visits secure.
It authenticates the identity of the website (this guarantees visitors that they’re not on a bogus site)
It encrypts the data that’s being transmitted