Https has one more s than HTTP, so it must be an upgrade to HTTP, so what is it?

  • Https is not a new network protocol. It is HTTP that has a Layer of Secure Socket Layer (SSL). SSL exists between the application Layer (HTTP Layer) and TCP Layer

The introduction of the Https

  • Hypertext Transfer Protocol Secure (HTTPS) is developed by Netscape and built into its browser. It is used to compress and decompress data and return network upload results. HTTPS actually applies Netscape’s full Socket layer (SSL) as a sublayer of the HTTP application layer. (HTTPS uses port 443 instead of port 80 like HTTP to communicate with TCP/IP.) SSL uses 40-bit keywords as the RC4 stream encryption algorithm, which is appropriate for encrypting commercial information. HTTPS and SSL support x.509 digital authentication so that the user can confirm who the sender is if needed.

  • HTTPS is a secure HTTP channel, which is simply the secure version of HTTP. That is, add SSL layer to HTTP. HTTPS is based on SSL. For details about encryption, see SSL.

  • It is a URI Scheme(abstract identifier Scheme) with the same syntax as HTTP: Scheme. For secure HTTP data transfer. HTTPS: THE URL indicates that it uses HTTP, but HTTPS has a different default port than HTTP and an encryption/authentication layer (between HTTP and TCP). Originally developed by Netscape, the system provides authentication and encrypted communications and is widely used for security-sensitive communications on the World Wide Web, such as transactions and payments.

Why upgrade? What’s wrong with HTTP?

  • HTTP packets are not encrypted during transmission, and some private information may be eavesdropped.
  • During HTTP communication, the identity of the communicator cannot be verified, and there may be a forger (client, server).
  • HTTP cannot determine the integrity of communication packets, which may be tampered with in TCP/IP communication
Then Htpps is born to solve the above problems,Htpps SSL protocol is to make up for the shortcomings of HTTPS protocol

Services provided by the SSL protocol

  • Authenticate users and servers to ensure that data is sent to the correct clients and servers;
  • Encrypt data to prevent it from being stolen;
  • Maintain data integrity and ensure that data is not changed during transmission.

Major difference statistics

  1. HTTPS is an encrypted transport protocol, and HTTP is a name-based transport protocol.
  2. HTTPS requires an SSL certificate, but HTTP does not.
  3. HTTPS is more secure than HTTP, more friendly to search engines, and good for SEO.
  4. HTTPS standard port 443, HTTP standard port 80;
  5. HTTPS is based on the transport layer and HTTP is based on the application layer.
  6. HTTPS displays a green security lock in the browser, but HTTP does not.