web| security to establish a secure connection, a Web browser needs to first request a digital certificate from a Web server, and a digital certificate provides proof of identity. When the browser requests its digital certificate to the Web server, it also sends a list of the cryptographic algorithms it supports. When the server echoes the digital certificate and the encryption algorithm it chooses, the browser verifies the digital certificate by checking the digital signature and confirming that the URL matches the public name field of the digital proof. If these tests fail, the browser displays a warning message. As shown in Figure 2.
Figure 2 Authentication of the Web server to HTTPS
The communication between the browser and the server uses symmetric encryption. This means that the same key is used for encryption and decryption. When the server's certificate is verified, the browser generates a key that needs to be passed to the server in a secure way. In general, the use of double encryption to complete the transfer of key. The browser uses the server's public key to encrypt the key and then passes it to the server. The server uses its private key to decrypt the key and then sends a confirmation to the browser.
The above procedure shows an encrypted connection, and the browser and the server all have the same key, and they use the same encryption algorithm. Their subsequent communications will use this encrypted connection. The icon for the browser to display a yellow lock indicates that the connection is established. As shown in Figure 3, site visitors can verify the identity of the server by clicking on the yellow icon to check the server's certificate.
Figure 3 Secure connection