HTTPS
Last updated
Was this helpful?
Last updated
Was this helpful?
The protocol that extends from http protocol
To encrypt the data that sent over the internet, and make sure only the target server decrypt the data in order to prevent data stolen by interception
Conduct 3 ways handshake same as http
Server present the certificate to the client including public key, and client validate the certificate and receive the public key
Client generate session key and encrypt the session key by using public key received, and pass the encrypted session key to the server
Server decrypt the key by private key to make sure that both side contains the same session key
Transport the encrypted data and decrypted the data on both side by making use of session key
A certificate authority, also known as a certification authority, is a trusted organization that verifies websites (and other entities) so that you know who you’re communicating with online. Their objective is to make the internet a more secure place for organizations and users alike.
When a web browser initiates a secure connection over HTTPS, the SSL/TLS digital certificate is sent to the web browser. The browser checks the information in the certificate and authenticates it against its own root certificate store.
When this feature is working, users will not see warning messages in their browser, such as "not sure" or "your connection is not private." Those are displayed for insecure websites.
