Apple iOS forced https is imminent, only 1 days away from 2017, ready?

Source: Internet
Author: User
Tags ssl certificate

In fact, not long ago, Apple issued a notice that the application on iOS requires all HTTPS for the interface calls and data access, this is for data security, on the one hand for their own, on the other hand is more stringent requirements for the application, so good, but also to strengthen the market app specifications, Although Android does not mention that, but Apple's approach will certainly lead to mobile internet not small fluctuations

What is the HTTP, this needless to say, at present, many of the sites visited by HTTP, do Web applications are also aware of the HTTP protocol, the client sends the request to the server, the server response data to the client, this group data transmission is the HTTP

HTTPS: In fact, HTTP + SSL, that is, the client through the HTTP access to the service side, the server will return a certificate, the client encrypted and then uploaded to the server, the server is decrypted again, if the data is correct, then the interface allows the call. This is where HTTPS security is located.

If our app is still using HTTP, then iOS will close the corresponding door, your application will not be used, and the pre-listing audit is absolutely forced to audit.

Then how to set up HTTPS, the server is not casually install their own SSL certificate, although the installation can display HTTPS, but not certified or not, that is, must go to the corresponding third-party certification, this certification is also to money, small series I thought a one-time buyout, Results of the cheapest annual hundreds of, the most expensive annual to about 6,000, the price range has to let the people surprised ah! But there is no way, to let the app shelves, the blood is set.

To summarize, HTTP is the plaintext protocol, the data transmitted through the Protocol may be eavesdropping, tampering, impersonation, the risk is very large, especially the process of payment, it is likely to be fishing, so HTTP is a very insecure transport protocol, unless you feel indifferent. HTTPS is the encryption protocol, which is a new SSL encryption channel on the basis of HTTP, so that the plaintext data is encrypted and transmitted, ensuring the security of data transmission.

Finally I wish you a new year of work smoothly, good health!

Apple iOS forced https is imminent, only 1 days away from 2017, ready?

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.