In short, HTTPS = HTTP + SSL
When is HTTPS Required?
When we browse, we normally send and receive information using HTTP protocol. So this leads anyone to eavesdrop on the conversation between our computer and the web server. Many a times we need to exchange sensitive information which needs to be secured and to prevent unauthorized access.
Https protocol used in the following scenarios −
- Banking Websites
- Payment Gateway
- Shopping Websites
- All Login Pages
- Email Apps
- Basic Working of HTTPS
Public key and signed certificates are required for the server in HTTPS Protocol.
Client requests for the https:// page
When using an https connection, the server responds to the initial connection by offering a list of encryption methods the webserver supports.
In response, the client selects a connection method, and the client and server exchange certificates to authenticate their identities.
After this is done, both webserver and client exchange the encrypted information after ensuring that both are using the same key, and the connection is closed.
For hosting https connections, a server must have a public key certificate, which embeds key information with a verification of the key owner's identity.
Almost all certificates are verified by a third party so that clients are assured that the key is always secure.
Không có nhận xét nào:
Đăng nhận xét