Home Tools

HTTPS

The S in HTTPS stands for secure. It means HTTP over SSL (Secure Sockets Layer).

  1. The browser requests a secure page from the server
  2. The server responds with its public key with its SSL certificate which is digitally signed by a third party CA (Certificate Authority).
  3. The browser contacts the CA to make sure the certificate is valid. Browsers typically store many CA's public keys.
  4. The browser creates a symmetric key or shared secret. It encrypts it with the server's public key and sends it to the server.
  5. The server uses its private key to decrypt the shared key.